Re: [Asrg] What are the IPs that sends mail for a domain?

Ian Eiloart <> Fri, 19 June 2009 08:52 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 9DB8C3A6B16 for <>; Fri, 19 Jun 2009 01:52:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -1.863
X-Spam-Status: No, score=-1.863 tagged_above=-999 required=5 tests=[AWL=-0.660, BAYES_00=-2.599, MIME_QP_LONG_LINE=1.396]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id l01KGzgakZfD for <>; Fri, 19 Jun 2009 01:52:08 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id A0D103A67F0 for <>; Fri, 19 Jun 2009 01:52:08 -0700 (PDT)
Received: from ([]:56176) by with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.64) (envelope-from <>) id KLHA0X-000J39-4R for; Fri, 19 Jun 2009 09:53:21 +0100
Date: Fri, 19 Jun 2009 09:52:16 +0100
From: Ian Eiloart <>
To: Anti-Spam Research Group - IRTF <>
Message-ID: <>
In-Reply-To: <200906182044.QAA05200@Sparkle.Rodents-Montreal.ORG>
References: <9112777.1871245190785748.JavaMail.franck@iphone-4.genius.local> <> <> <> <200906180105.VAA21834@Sparkle.Rodents-Montreal.ORG> <> <200906182044.QAA05200@Sparkle.Rodents-Montreal.ORG>
Originator-Info: login-token=Mulberry:01wYzFqirtMw8C+RkMLbI0ATgdJwTmBCSyNvc=;
X-Mailer: Mulberry/4.0.8 (Mac OS X)
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-Sussex: true
X-Sussex-transport: remote_smtp
Subject: Re: [Asrg] What are the IPs that sends mail for a domain?
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <>
List-Id: Anti-Spam Research Group - IRTF <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Fri, 19 Jun 2009 08:52:09 -0000

--On 18 June 2009 15:19:24 -0400 der Mouse <mouse@Rodents-Montreal.ORG> 

>> Have you heard of SPF?
> Yes.  It flopped, no?  If it had been widely adopted, I might have to
> decide whether I think it constitutes "pushing responsibility to the
> edge".  But I don't.

No, it hasn't flopped. It just hasn't reached critical mass yet.
<>  has some interesting stuff, including 
reports by Microsoft of their experience of SenderID, from Google of their 
positive experience with SPF and DKIM.

These surveys show the rate of growth of SPF record publication:

2005 - not measured
2006 - 6% of 1,756,827 zones with at least one working nameserver published 
SPF records
2007 - 12.6% of 2,053,150 ''
2008 - 16.72% of 1,000,000 ''

Google's conclusion: "Reputation based upon the authenticated sender’s 
domain works well for us. Spammers are easily identified, as are good 
senders. Only a few senders end up in the grey area in between, and for 
these we still have the traditional statistical filtering methods for 
classification. It is not without a few problems though, but we think they 
are small enough that they can be worked out eventually. We think 
reputation systems can work well for others too, and we hope to see more 
senders authenticating and observing good sending practices because of it."

They're referring to a combination of SPF (good for early decisions, based 
on recipient preferences) and DKIM (protects forwarded email).

Ian Eiloart
IT Services, University of Sussex
01273-873148 x3148
For new support requests, see