IETF Logo Mail Archive

Re: [spfbis] Local macros strike again, was Suggestion...

Philip Gladstone <pgladstone@cisco.com> Wed, 18 January 2012 14:40 UTC

Return-Path: <pgladstone@cisco.com>
X-Original-To: spfbis@ietfa.amsl.com
Delivered-To: spfbis@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20F0321F87FD for <spfbis@ietfa.amsl.com>; Wed, 18 Jan 2012 06:40:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.332
X-Spam-Level:
X-Spam-Status: No, score=-3.332 tagged_above=-999 required=5 tests=[AWL=-1.333, BAYES_00=-2.599, J_CHICKENPOX_12=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id r+qn6zbySH9j for <spfbis@ietfa.amsl.com>; Wed, 18 Jan 2012 06:40:31 -0800 (PST)
Received: from bgl-iport-2.cisco.com (bgl-iport-2.cisco.com [72.163.197.26]) by ietfa.amsl.com (Postfix) with ESMTP id 3464721F87FA for <spfbis@ietf.org>; Wed, 18 Jan 2012 06:40:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=pgladstone@cisco.com; l=1658; q=dns/txt; s=iport; t=1326897631; x=1328107231; h=message-id:date:from:mime-version:to:subject:references: in-reply-to:content-transfer-encoding; bh=GT8zrjy0D3foZslgy1ar//WAiPiXh8WFROPR7tBLAuU=; b=nBXqjT8dBBBCSR9biI7Xb6QB2Xcc0eD3OTJG7GtUsgtcVz2wczyTLxeS Di4ojCIXUT7rYv/cMKtW0bhwId058/yFQGNLV3FHAabV/CSoY0wVwQo9V BxRbDjaeCr2lm+dMVs7dM9oRLaY0FjZwf9oDi1ie22XGGhF3LR2wppjEe 4=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AqAEAB/ZFk9Io8UY/2dsb2JhbABBA4UEp0GCBoFyAQEBBBIBEBVADwILGAICBRYLAgIJAwIBAgEJPBMGAgEBHqIEAYxikgYEgSuICQEBCAQNFAIBAgEBDQUEEQUBBgEBBgEFByUBAgEBBQMBAQEBAhYVAwEGDAcCAgMdAwEGCQIBDQEBAwsCCwILAwEBCYExAQEFAgMHAQEBAgEBAQEcAgYBRwWCBoEWBIg7jFiFVY0P
X-IronPort-AV: E=Sophos;i="4.71,529,1320624000"; d="scan'208";a="3677531"
Received: from vla196-nat.cisco.com (HELO bgl-core-1.cisco.com) ([72.163.197.24]) by bgl-iport-2.cisco.com with ESMTP; 18 Jan 2012 14:40:29 +0000
Received: from [161.44.106.143] (dhcp-161-44-106-143.cisco.com [161.44.106.143]) by bgl-core-1.cisco.com (8.14.3/8.14.3) with ESMTP id q0IEeSfS019583 for <spfbis@ietf.org>; Wed, 18 Jan 2012 14:40:29 GMT
Message-ID: <4F16D9DB.6040700@cisco.com>
Date: Wed, 18 Jan 2012 09:40:27 -0500
From: Philip Gladstone <pgladstone@cisco.com>
Organization: Cisco Systems, Inc
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20111105 Thunderbird/8.0
MIME-Version: 1.0
To: spfbis@ietf.org
References: <F5833273385BB34F99288B3648C4F06F19C6C15673@EXCH-C2.corp.cloudmark.com> <4EF8F336.8080508@gathman.org> <F5833273385BB34F99288B3648C4F06F19C6C1569C@EXCH-C2.corp.cloudmark.com> <1590867.1quv5UxKKV@scott-latitude-e6320> <4EFCB88A.1080104@mail-abuse.org> <4EFE6F39.90000@isdg.net> <4F0358CC.6030505@mail-abuse.org> <4F03775B.4050905@isdg.net> <4F04E292.9030502@mail-abuse.org> <4F04FB1C.7070302@isdg.net> <4F060E74.2070103@cisco.com> <4F063F09.3030900@isdg.net> <4F06884D.2070509@mail-abuse.org> <4F082861.5080803@tana.it> <4F09269C.6090402@isdg.net> <4F0B0035.3050106@cisco.com> <4F0C9777.1090904@mail-abuse.org> <4F0C9E61.1010306@cisco.com> <4F0DD063.5090103@tana.it> <4F0E0A7E.1040905@isdg.net> <Pine.GSO.4.62.1201111726390.13909@spaz.oit.wmich.edu> <4F10BEED.7050207@mail-abuse.org> <4F10DD94.8040905@isdg.net> <4F1190BB.9080202@mail-abuse.org> <4F16A2FB.3070709@isdg.net>
In-Reply-To: <4F16A2FB.3070709@isdg.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [spfbis] Local macros strike again, was Suggestion...
X-BeenThere: spfbis@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: SPFbis discussion list <spfbis.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spfbis>, <mailto:spfbis-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/spfbis>
List-Post: <mailto:spfbis@ietf.org>
List-Help: <mailto:spfbis-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spfbis>, <mailto:spfbis-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jan 2012 14:40:32 -0000

On 1/18/2012 5:46 AM, Hector Santos wrote:
> I have a hard time understanding why would any system screw around
> with a guessing game  of "SPF default record" with completely not
> possibility for actual accuracy and yet, expect there would not be
> problem or rather begin to use this as some basis that something is
> broken about SPF!  I don't get it Doug. This would is already random.
> I see no way to presume there is a default SPF record without falling
> into trouble.
>
> Now, if it was fundamentally the case that Senders *always* used an
> machine among the Receiveer network of MX host IP addresses, then I
> can see some default rules.  Sure.  But that is not reality. There is
> no requirement that a Sender machine must be part of any RECEIVER (MX)
> network.  This applies closer to smaller systems but not with larger
> network systems and not even with smaller systems.
>
> I just don't see why you think this has any value.
>
I think that the question could be rephrased as:

For a particular receiving MTA, for all mail senders who do not publish 
an SPF record, does the addition of "a mx/24 ~all" improve spam 
detection accuracy or not?

It is clear that using this record will cause all spam to be marked as 
~. Depending on your spam detection algorithm, this may be the level 
that you would select if there was no SPF processing. If this is the 
case, then the "a mx/24" record will only improve the situation.

Philip

-- 
Philip Gladstone
Distinguished Engineer
Product Development
pgladstone@cisco.com
Phone: +1 978-ZEN-TOAD (+1 978 936 8623)
Google: +1 978 800 1010
Ham radio: N1DQ

v2.23.0 | Report a Bug | By Email