[milters] Archive

Lists Index Date Thread Search

Article: 636
From: Michael Elliott
Date: 2005-07-01 19:47:35 -0400
Subject: Re: more private Re: New milter-spiff : A SPF-Classic implementation.

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support

One more thing.  A heavy vote against fail-discard, and even more
so against softfail-reject and softfail-discard.  

*-Discard means that the sending ISP tech sees a "status ok, message sent"
and the message never gets to the destination.  I get about 2 service
calls a week on stuff like that, and it makes it a bitch to trace.
The milter is during the smtp session.  So, either accept conclusively, 
or reject conclusively, don't leave a limbo case.

Per the spec, softfail should be accepted and subjected to more
filtering scrutiny.  It should not be rejected.  Specific examples
are hotmail.com and aol.com.  Both are easily processed by milter-sender
to verify that the users exist.  But, if milter-spiff rejects the mail,
you are dumping legit mail.  My logs show 20% of the softfails from those
two domains are killed by sendercallback.  Therefore, 80% is legit.
Don't give the sysadmin that much rope to hang himself with.  If you do,
at least give red warning signs saying that it goes beyond the spec and 
domain publisher's wishes.  

-Mike Elliott
Msen Sysadmin

Lists Index Date Thread Search