[GTER] Fw: [spf-announce] Website relaunch / Increasing SPF deployment and software support / The 2007 council elections

Thu Dec 14 11:03:19 -02 2006

Repassando aos colegas...
Novidades do OpenSPF.org

Um Grande Abraco,
-- 
   Durval Menezes (durval AT tmp DOT com DOT br, http://www.tmp.com.br/)

----- Forwarded message from Julian Mehnle <julian at mehnle.net> -----
From: Julian Mehnle <julian at mehnle.net>
To: SPF Announcements <spf-announce at v2.listbox.com>
Subject: [spf-announce] Website relaunch / Increasing SPF deployment and software support / The 2007 council elections
Date: Thu, 14 Dec 2006 12:34:03 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

HTML: http://www.openspf.org/News/2006-12-14

======================================================================
NEWS FROM THE SENDER POLICY FRAMEWORK (SPF) PROJECT
======================================================================

- ----------------------------------------------------------------------
New and improved: The SPF website: http://www.openspf.org
- ----------------------------------------------------------------------

After a long period of planning and a lot of volunteer work, the SPF 
project is happy to present you its new website at:

  http://www.openspf.org

We have consolidated all the useful information about SPF from the old 
website[1], and we have expanded our "FAQ"[2] and "Best Practices"[3] 
sections.  Be sure to pay a visit to the new website and recommend it
to your peers (and bosses)!

- ----------------------------------------------------------------------
Significant increase in SPF deployment
- ----------------------------------------------------------------------

The publishing of SPF sender policies has increased significantly in
2006.  A recent survey[4] by MarkMonitor reports a total of over
4,000,000 SPF records published within just the .com/.net/.org top-
level domains, comprising nearly 6% of all registered .com/.net/.org 
domains!

While that may sound like a small portion of domains, note that most
e-mail traffic on the Internet is sent from only a minority of all
domains, while most domains just send very few messages (compared to
the others) or none at all.  Indeed, a study[5] conducted by IronPort 
earlier this year reported roughly 35% of all Internet e-mail to be 
covered by SPF records (or "SIDF", as Microsoft prefers to call it).

With the continued engagement of all the e-mail white-hats out there
and the help of our support team[6] and record publishing tools[7],
we expect significant further adoption in 2007.  You hear someone 
complaining about their domain getting forged by spammers?  Remember
to recommend them deploying SPF[8] and other sender authentication 
methods[9]!

- ----------------------------------------------------------------------
Growing support in mail servers
- ----------------------------------------------------------------------

SPF is a double-edged sword.  The publishing of sender policies being
the one edge, their enforcement at the receivers' ends is the other.
Support for checking SPF policies in mail server software[10] has also 
grown a lot in 2006.  Practically all major mail server packages now 
provide SPF checking either natively or through at least one plug-in.
If you have held off on deploying SPF checking to your e-mail setup so
far, now there is little excuse not to make this one of your New
Year's resolutions!

- ----------------------------------------------------------------------
The official RFC 4408 test-suite
- ----------------------------------------------------------------------

And we have a holiday present for the developers of e-mail server or
client software among you, too. After the final SPFv1 specification
[11] was released as RFC 4408 earlier this year[12], we have now
created a comprehensive official test-suite[13] for it.  If you are 
implementing SPF support in your software or simply want to verify the 
correctness of your existing implementation, you can now run our long
list of tests against it and see if you have implemented all of the 
specification's aspects correctly.  For questions on and assistance in 
using the test-suite, please join the spf-devel mailing list[14].

- ----------------------------------------------------------------------
New SPF libraries: pyspf 2.0 and Mail::SPF
- ----------------------------------------------------------------------

Even more holiday presents! Two new SPF libraries have recently been 
released that completely pass the RFC 4408 test-suite:

The pyspf Python module[15] has been released as version 2.0.  pyspf
2.0 was the first SPF implementation to fully conform to RFC 4408.
This release has also added IPv6 support.  pyspf is the library behind 
several of the project's SPF record testing tools[7].

The new Mail::SPF Perl module[16] is a successor to the old Mail::
SPF::Query module, which was the very first SPF implementation and
evolved in parallel with the specification over time[17], thus having
a baroque design and many smaller problems and incompatibilities with
RFC 4408.  Mail::SPF is a complete object-oriented rewrite and
conforms fully to RFC 4408.  It also is very thoroughly documented and 
finally supports IPv6 as well as both the DNS "TXT" record type and
the new "SPF" record type.

- ----------------------------------------------------------------------
The upcoming 2007 SPF Council elections
- ----------------------------------------------------------------------

The 2006 term of the SPF Council[18], the project's steering group, is 
coming to an end in January 2007, and it will be up to the project's 
community to elect a new council for the coming year.  By the election 
procedures[19], those who wish to vote in the election will have to be 
subscribed to the spf-discuss mailing list[14] as of 2007-01-08
00:00 UTC.  The election process will then start with voters regis-
tration and the nomination of candidates.  A separate announcement of
the elections will be sent at the beginning of the new year.

- ----------------------------------------------------------------------
References
- ----------------------------------------------------------------------

 1. http://old.openspf.org
 2. http://www.openspf.org/FAQ
 3. http://www.openspf.org/Best_Practices
 4. http://www.markmonitor.com/spfreport/
 5. http://www.ironport.com/company/ironport_pr_2006-04-19-1.html
 6. http://www.openspf.org/Support
 7. http://www.openspf.org/Tools
 8. http://www.openspf.org/Introduction
 9. http://www.openspf.org/Related_Solutions
10. http://www.openspf.org/Implementations#mtas
11. http://www.openspf.org/Specifications
12. http://www.openspf.org/News/SPFv1_is_RFC_4408#rfc4408
13. http://www.openspf.org/Test_Suite
14. http://www.openspf.org/Forums
15. http://cheeseshop.python.org/pypi/pyspf/
16. http://search.cpan.org/dist/Mail-SPF/
17. http://www.openspf.org/Specifications#historic
18. http://www.openspf.org/Council
19. http://www.openspf.org/Council_Election

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFgUS7wL7PKlBZWjsRAlt0AKCBPKslEoopQ0RFQJOpGlxqIjvhYACgrqJI
M4Bq/348ECQExzASS7e/vTo=
=JGbF
-----END PGP SIGNATURE-----

----------
To unsubscribe from this list, or change the email address where you receive messages,
please go to http://v2.listbox.com/member/?list_id=736

----- End forwarded message -----