IETF Logo Mail Archive

Re: [spfbis] Local macros strike again, was Suggestion...

Hector Santos <hsantos@isdg.net> Fri, 20 January 2012 10:02 UTC

Return-Path: <hsantos@isdg.net>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BD0521F856C for <spfbis@ietfa.amsl.com>; Fri, 20 Jan 2012 02:02:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.114
X-Spam-Level:
X-Spam-Status: No, score=-2.114 tagged_above=-999 required=5 tests=[AWL=0.485, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cGWo6CTqv2eF for <spfbis@ietfa.amsl.com>; Fri, 20 Jan 2012 02:02:25 -0800 (PST)
Received: from ntbbs.winserver.com (mail.santronics.com [208.247.131.9]) by ietfa.amsl.com (Postfix) with ESMTP id 6567421F855B for <spfbis@ietf.org>; Fri, 20 Jan 2012 02:02:24 -0800 (PST)
DKIM-Signature: v=1; d=isdg.net; s=tms1; a=rsa-sha1; c=simple/relaxed; l=2269; t=1327053736; h=Received:Received: Received:Received:Message-ID:Date:From:Organization:To:Subject: List-ID; bh=J1yL4S9fkYKatAdpwcKc5Q743ME=; b=N9uxYqACo4r1ddbnPxEu x3Z/jXFMj0VtZI0eAlaQxtF8EKma5cWQhE+30V1K33n7niBx357uftwCesU5oEdI 0Pfc7BF6++BdOBsJlfU0upwakYncgYr3ztngllH5bRcslD3Pz+Hf2TaMPtoNnmjG OpT5f2dLhQo2j5lsRcLY3eY=
Received: by winserver.com (Wildcat! SMTP Router v6.4.454.1) for spfbis@ietf.org; Fri, 20 Jan 2012 05:02:16 -0500
Authentication-Results: dkim.winserver.com; dkim=pass header.d=beta.winserver.com header.s=tms1 header.i=beta.winserver.com; adsp=pass policy=all author.d=isdg.net asl.d=beta.winserver.com;
Received: from opensite.winserver.com ([208.247.131.23]) by winserver.com (Wildcat! SMTP v6.4.454.1) with ESMTP id 255613163.44950.2420; Fri, 20 Jan 2012 05:02:15 -0500
DKIM-Signature: v=1; d=beta.winserver.com; s=tms1; a=rsa-sha256; c=simple/relaxed; l=2269; t=1327053549; h=Received:Received: Message-ID:Date:From:Organization:To:Subject:List-ID; bh=2y++ZUU vizxikWSN9L5Js5HcQ2s3nYsTMSSZeJZG34I=; b=UvPOJPpfWP/dwbOBwTvimG0 SvQ4DwbA8/BGUo6KzeQnYuEsY5RACSfome41ItBI/VjAmdzL/CBOcGa1qTw4sUlO ZK/CrbYqCrQ4ukFoUOU0UTp6ooL5Vqhx7LT0WRNKv5Nj96Ms+k+ASPb3tRB9kmoe CD3dcX3t9xby3C9P+Ecs=
Received: by beta.winserver.com (Wildcat! SMTP Router v6.4.454.1) for spfbis@ietf.org; Fri, 20 Jan 2012 04:59:09 -0500
Received: from [192.168.1.101] ([99.3.147.93]) by beta.winserver.com (Wildcat! SMTP v6.4.454.1) with ESMTP id 854572064.6261.6124; Fri, 20 Jan 2012 04:59:08 -0500
Message-ID: <4F193BA5.3020903@isdg.net>
Date: Fri, 20 Jan 2012 05:02:13 -0500
From: Hector Santos <hsantos@isdg.net>
Organization: Santronics Software, Inc.
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: spfbis@ietf.org
References: <F5833273385BB34F99288B3648C4F06F19C6C15673@EXCH-C2.corp.cloudmark.com> <4EF8F336.8080508@gathman.org> <F5833273385BB34F99288B3648C4F06F19C6C1569C@EXCH-C2.corp.cloudmark.com> <1590867.1quv5UxKKV@scott-latitude-e6320> <4EFCB88A.1080104@mail-abuse.org> <4EFE6F39.90000@isdg.net> <4F0358CC.6030505@mail-abuse.org> <4F03775B.4050905@isdg.net> <4F04E292.9030502@mail-abuse.org> <4F04FB1C.7070302@isdg.net> <4F060E74.2070103@cisco.com> <4F063F09.3030900@isdg.net> <4F06884D.2070509@mail-abuse.org> <4F082861.5080803@tana.it> <4F09269C.6090402@isdg.net> <4F0B0035.3050106@cisco.com> <4F0C9777.1090904@mail-abuse.org> <4F0C9E61.1010306@cisco.com> <4F0DD063.5090103@tana.it> <4F0E0A7E.1040905@isdg.net> <Pine.GSO.4.62.1201111726390.13909@spaz.oit.wmich.edu> <4F10BEED.7050207@mail-abuse.org> <4F10DD94.8040905@isdg.net> <4F1190BB.9080202@mail-abuse.org> <4F16A2FB.3070709@isdg.net> <4F16D9DB.6040700@cisco.com>
In-Reply-To: <4F16D9DB.6040700@cisco.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [spfbis] Local macros strike again, was Suggestion...
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spfbis>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 Jan 2012 10:02:30 -0000

Philip Gladstone wrote:

>> Hector Santos:
>> I just don't see why you think this has any value.
>>
> I think that the question could be rephrased as:
> 
> For a particular receiving MTA, for all mail senders who do not publish 
> an SPF record, does the addition of "a mx/24 ~all" improve spam 
> detection accuracy or not?
> 
> It is clear that using this record will cause all spam to be marked as 
> ~. 

My Opinion.

I would think an ? (Neutral) would more closer follow technical 
expectations.  A Softfail (~) presumes a specific operational SMTP 
setup for the sender's receiver network being integrated in some 
fashion and since this is not a requirement, presuming a "level" of 
failure would be, IMO, erroneous if its to be reported as a SoftFail 
and there was never an official domain declaration, nor expectation, 
for this practice - a form of misrepsentation and tort.

> Depending on your spam detection algorithm, this may be the level
> that you would select if there was no SPF processing. If this is the 
> case, then the "a mx/24" record will only improve the situation.

IMO, only to get a PASS, at best, which can only yield a data point 
indicating the sender/receiver network is the same or related via the 
"a mx/24" rule. What value does this type of sender/receiver 
operational knowledge offer?

IMO, anything less than a PASS and more than unknown/neutral, i.e, 
soft fail, would have to be determined using some non-SPF logic. 
Perhaps an MX IP "RBL" check or perhaps an CBV on the return path 
which MUST NOT be invalid per 5321.

So it seems to me, this is more about "leveraging" SPF reporting for 
some form of "Failure" checking entirely unrelated to SPF.

Maybe the question is how much does a "A MX/24" rule apply today as 
compared to yester-years?  One can suggest that with multi-core and 
faster OS/hardware, tons of virtual memory, the TCO can be lowered by 
scaling up (more CPU) and reducing scaling out (less machines).  In 
this vain, I can see this rule being increasingly more applicable or 
imaginable to be true using a Pareto 80% of the time, but its still 
not a requirement for systems to be setup like this.

-- 
Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

v2.23.0 | Report a Bug | By Email