Subj : Re: wcsap.ini recommendations To : All From : DAVE GOURD Date : Thu Jan 31 2019 19:18:36 Date: Thu, 04 May 2006 10:53:58 -0400 From: DAVE GOURD To: HECTOR SANTOS Subject: Re: wcsap.ini recommendations Newsgroups: win.server.smtp.&.avs Message-ID: <1146754438.46.1146515007@winserver.com> References: <1146515007.46.1146453077@winserver.com> X-WcMsg-Attr: Rcvd X-Mailer: Wildcat! Interactive Net Server v7.0.454.5 Lines: 88 Thanks for the insight on this subject Hector. We'll take your views under advisement. -- D On 5/1/06 4:20 PM, HECTOR SANTOS wrote to DAVE GOURD: -> From: Dave Gourd -> -> -> > I have read the help files and text in re the wcsap.ini settings, but -> > looking at best and most widely practiced settings for -> > -> > Accept-SPF-SoftFail and -> > Accept-SPF-Neutral and -> > RecursionLimit -> > -> > I have them at (false, false, 20) but want max impact on bad senders. -> > Not 100% sure what the recursion limit is about. -> > -> > I agree with Hector's reasoning - pass/fail, no maybes, since it's -> > like saying no in a soft voice when you should be using a 2x4 to -> > impress someone. -> > -> > What setting for the above have the greatest impact on spammers? -> -> SPF defines a "policy" for a domain to expose which machines he is allowed -> to send mail from on behalf of the domain name. So if you say gourd.com -> should only come from your IP machine 1.2.3.4, then you can have an SPF -> record that defines that rule. -> -> What is that really that HARD of a rule for other sides? if you have an -> AOL.COM account, is AOL saying you can only send mail using their machine or -> are you allowed to send it from lets say a Internet Cafe or some laptop -> while on vacation? -> -> There is where some sites will use a NEUTRAL or SOFTFAIL policy when the IP -> does not machine the list they provide. They are saying, -> -> "Look, the IP didn't match, but this may not really be a bad thing, -> because the user is allowed to use our domain name from other -> machines. -> So we don't know. Your call." -> -> Today, if the policy is NEUTRAL, you are suppose to ignore the result and -> continue checking for other things. -> -> Buf if it says SOFTFAIL, then its up to you. -> -> The default we have was: -> -> Accept-SPF-SoftFail FALSE ; if false, continue testing -> Accept-SPF-Neutral False ; if false, continue testing -> -> Many SPF people are changing the first (SOFTFAIL) one to TRUE, which says -> don't continue, consider it as a failure. -> -> Again, that is a local policy (your) decision. You might want to discuss -> this with other SPF sysops in the official SPF mailing lists, SPF-HELP (for -> administrators) or SPF-DISCUSS (more technical regarding future -> specifications). -> -> > Although I am concerned with potential falsing or unintentional -> > blocking, I would rather lose 5 potential customers' inquiry msgs -> > than lose one solid customer's communciations - the old bird in the hand -> > or 2 in the bush analogy. -> -> Well, the safe way is to keep it FALSE, but like I said, many people are -> using SOFTFAIL policies for rejection. If a domain is exposing a SOFTFAIL -> handling, then it is probably saying -> -> "Look, we really didn't expect this. The IP should match our domain. -> Do what you like with it. We will not vouch for it." -> -> But for a NEUTRAL, it is saying, It is possible they could be a mismatch, -> don't reject it. I personally do not believe in a NEUTRAL policy, but there -> are many outsourcing places where you can get an email address and use it -> from any machine. Spammers exploit the bad side of it, but there is also -> the defensiveless good side. -> --- Platinum Xpress/Win/WINServer v3.1 * Origin: Prison Board BBS Mesquite Tx //telnet.RDFIG.NET www. (1:124/5013) .