Martijn Grooten
2013-02-12 11:01:16 UTC
I had promised to produce some stats on SPF and spam.
Over the Christmas holidays, I sent over 60k spam messages through 21 spam filters in the spam-filter test I run regularly. I checked the SPF status of the messages and measured how many filters failed to block each message.
Here are the results:
SPF fail: 3171 emails, on average missed by 0.24 filters (out of 21) with a standard deviation of 0.04.
SPF pass: 8106 emails, avg 0.93, stddev 0.23
SPF softfail: 8672 emails, avg 0.45, stddev 0.09
SPF neutral: 13466 emails, avg 0.34, stddev 0.04
SPF none: 26938 emails, avg 0.43, stddev 0.06
A neater table and a graph can be found here: http://www.virusbtn.com/news/2013/02_04.xml
Now correlation doesn't imply causation and there are good reasons why the relationship here may not causal, but let's for a moment we assume it is.
This means that if you're a spammer, failing SPF isn't a good idea, while making sure your emails pass SPF means you're more likely to see your messages delivered, but you by no means get a free ride to users' inboxes.
If you find a 'clever' way to avoid failing SPF by using a domain with no SPF record, there is only a small improvement in your delivery rates.
Martijn.
________________________________
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.
Over the Christmas holidays, I sent over 60k spam messages through 21 spam filters in the spam-filter test I run regularly. I checked the SPF status of the messages and measured how many filters failed to block each message.
Here are the results:
SPF fail: 3171 emails, on average missed by 0.24 filters (out of 21) with a standard deviation of 0.04.
SPF pass: 8106 emails, avg 0.93, stddev 0.23
SPF softfail: 8672 emails, avg 0.45, stddev 0.09
SPF neutral: 13466 emails, avg 0.34, stddev 0.04
SPF none: 26938 emails, avg 0.43, stddev 0.06
A neater table and a graph can be found here: http://www.virusbtn.com/news/2013/02_04.xml
Now correlation doesn't imply causation and there are good reasons why the relationship here may not causal, but let's for a moment we assume it is.
This means that if you're a spammer, failing SPF isn't a good idea, while making sure your emails pass SPF means you're more likely to see your messages delivered, but you by no means get a free ride to users' inboxes.
If you find a 'clever' way to avoid failing SPF by using a domain with no SPF record, there is only a small improvement in your delivery rates.
Martijn.
________________________________
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.