Home | Sitemap | Recent Changes | Login
SPF Logo

Sender Policy Framework

History of FAQ/Best guess record


Revision 4 . . 2010-05-28 8:14 (UTC) by Scott Kitterman [Updated for deprecating best guess]
Revision 3 . . (edit) 2006-04-26 1:29 (UTC) by nobody [system maintenance: updated page]
Revision 2 . . 2006-04-24 0:52 (UTC) by Julian Mehnle [improved the description of best-guess processing]
Revision 1 . . 2006-03-11 5:59 (UTC) by Scott Kitterman
  
Difference (from prior major revision) (no other diffs)
Paragraph 6Paragraph 6

Other implementations may implement best-guess differently or not at all.

Other implementations may implement best-guess differently or not at all.

Some find this remarkably good at detecting unforged messages from domains that have not yet published SPF records.  Others consider it a security hole because it gives attackers a lot of additional potential targes (authorized hosts) to hack in order to abuse the domain.

The practice is deprecated and should generally be avoided. While it may be useful in certain specific circumstances it's not part of the SPF protocol and results of guessing SPF like records should not be referred to as SPF results.