Dan McDonald wrote on Wed, 22 Oct 2008 11:11:13 -0500:

> I'm not certain what you are talking about. SPF is very commonly
> deployed.
> http://www.openspf.org/Statistics

I don't see that you can deduce "is very commonly deployed" from that page.

> See especially http://utility.nokia.net/~lars/meter/spf.html

These figures are bogus.
> Lars Eggert added SPF to his set of experimental deployment meters. At the
> moment his statistics covers only "top"-Alexa sites for ten countries and
> the world, plus the domains used in e-mail addresses of current
> Internet-draft authors. On that somewhat limited base almost half of
> these "top"-domains publish some kind of SPF policy.

BTW: have you checked how SPF plays out in your SA rules? I find that SPF_FAIL,
SPF_HELO_PASS or SPF_PASS all have over 90/95% ham which makes the rules somewhat
indistinguishable. This means that 95% of the mail that fails SPF is actually
desired mail. On the other hand the SPF_HELO_PASS/SPF_PASS seems to be indicate of ham, it
hits on 95% ham. e.g. you can use it for negative scoring at least a little bit.


Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com