SPF - Adoption problems abound
With everyone (OK, not everyone, but anyone trying to cut down on spam) talking about SPF, and installing TXT records to help prevent joe jobs, and setting deny rules up to keep their domains clean, the proposed SPF system has some major hurdles to overcome before it will work well, if at all.
My major concern is the issue with it breaking the traditional forwarding system in place on thousands of mailservers worldwide. SPF requires the originating mailserver(s) to match with the TXT record set for that domain. However, traditional mailservers that have forwards set up (i.e. john@mydomain.com forwards to johnc@gmail.com) will now no longer work because the envelope has not been rewritten. Of course patches are available to make them compliant (named SRS), but the adoption rate is quite low, as there is no set standard or industry adoption on a global level yet.
The harm that can be done by implementing SPF on your domain now is that if you send an email to anyone that uses a forward at wherever they have email service, they may never get that email due to the forwarding system not rewriting the envelope. And if they forward to any of the big players such as AOL, Yahoo, Gmail, etc., you can bet the email servers there will reject on an SPF mismatch if you broadcast a strict deny DNS record if the originating IP/domain does not match your allowed list.
One link I found that explains some of the shortcomings is:
http://homepages.tesco.net/~J.deBoyn...s-harmful.html
I think the idea of SPF is great, but we will not be adopting it anytime soon, as the problems with email being rejected because of forwarding are still too large. The benefits at this time do not outweigh the consequences of fully adopting SPF IMHO.
Thoughts?
- John C.