headers
Jigar Raval | 10 Jul 05:54

spf and gmail

Dear All,

We have published our spf record. By spf testing tool, it shows working fine. But when i send a mail with my
domain which is not generated from autorized server, the gmail accept. By checking full header in gmail,
it shows hardfail etc.. So, if gmail has adpoted spf checking and the domain who has published spf why gmail
is accepting mail ? What is the reason ?

With Regards,

Raval Jigar A.
Engineer-SC (Computer)
Physical Research Laboratory
(Dept. Of Space, Govt. of India)
Ahmedabad-9.
Permalink | Reply |
headers
Rob MacGregor | 10 Jul 08:15

Re: spf and gmail

On Thu, Jul 10, 2008 at 04:56, Jigar Raval <jigar_prl <at> yahoo.com> wrote:
> Dear All,
>
> We have published our spf record. By spf testing tool, it shows working fine. But when i send a mail with my
domain which is not generated from autorized server, the gmail accept. By checking full header in gmail,
it shows hardfail etc.. So, if gmail has adpoted spf checking and the domain who has published spf why gmail
is accepting mail ? What is the reason ?

This was discussed recently on the list, if you search the archives
I'm sure you'll find it.  The short answer is, there's nothing to
force recipients to reject email that fails SPF (or accept email that
passes it).  These things are a local policy decision - the SPF record
simply provides a suggestion/recommendation as to how the email is
handled (I've seen reports of email rejected when the SPF record was
using ?all).

--

-- 
Rob MacGregor
 Whoever fights monsters should see to it that in the process he
 doesn't become a monster. Friedrich Nietzsche
Permalink | Reply |
headers
Frank Ellermann | 10 Jul 16:14

Re: spf and gmail

Rob MacGregor wrote:

> The short answer is, there's nothing to force recipients to
> reject email that fails SPF (or accept email that passes it).

Hi, I'm mainly checking that SPF Help is really working again
via GMaNe after some months...

Gmail now rejects broken or missing DKIM signatures for PayPal
phishes, hopefully they'll also reject SPF FAIL at some point
in time.  Obviously they evaluate SPF, and use it as input in
their spam or no spam decisions.  Gmail users with convoluted
"forward to Gmail" setups should watch their Gmail spam folder:

An "accept SPF FAIL, but treat it as suspicious" strategy is 
quite dangerous in comparison with a simple "reject SPF FAIL".

 Frank
Permalink | Reply |
headers
Frank Ellermann | 10 Jul 18:04

Re: spf and gmail

> Hi, I'm mainly checking that SPF Help is really working again
> via GMaNe after some months...

> Gmail now rejects broken or missing DKIM signatures for PayPal
> phishes, hopefully they'll also reject SPF FAIL at some point
[...]

Good, works again, and triggered four out of office mails from
unknown strangers:  Spamcopped with "OOO mail in violation of
RFC 3834 and maybe also RFC 5230".

 Frank
Permalink | Reply |

Gmane