SMC Milter - Comparative Analysis
Comparative analysis of AutoSPF technology
Our choice of SPF technology (Sender Policy Framework) as an analogue for comparing with AutoSPF is conditioned by general ideological kinship of the solutions. AutoSPF automatic sender verification technology is quite similar to popular nowadays SPF technology. Both algorithms enable the letter recipient to check legality of using the sender mail server for sending e-mail from the address indicated in the message. The check reveals a probability of letter's being trustworthy. The main distinction of AutoSPF algorithm consists in it's ability to work with existing information, unlike SPF algorithm which requires the sender's supporting SPF technology. Both algorithms use DNS records for verification of messages issuing from the involved domain. In case of AutoSPF technology application the administrator (owner) of the domain uses DNS to publish data describing potential e-mail sources which have sender addresses relating to the domain. In case of AutoSPF application it is considered that DNS records initially content enough information for sender verification and mail system modification on the sender's side is not required. SPF technology is more flexible when it comes to domain policy setup. On the other hand, at present such flexibility is necessary in exceptional cases and often stays unclaimed. Tables 1 and 2 show the results of both algorithms testing by example of one month statistics of letters with published document SPF policy. In Table 1 all messages having SPF status different from Pass and Fail are unified into the group Other. In practice such messges can be regarded in SPF terminology as having Softfail SPF status. The description of SPF statuses being in use is quoted in Table 3. As AutoSPF algorithm is not used for e-mail blocking, Table 2 consists nearest SPF statuses indicated parenthetically for reference.
Table 1
| SPF status | Part of this status having messages | |
|---|---|---|
| Spam | Regular e-mail | |
| Pass | 3.9% | 72.4% |
| Fail | 30.2% | 0% |
| Other (Softfail) | 65.9% | 27.6% |
Table 2
| AutoSPF status | Part of this status having messages | |
|---|---|---|
| Spam | Regular e-mail | |
| Related (Pass) | 4.8% | 89.4% |
| Not Related (Softfail) | 69.8% | 10.6% |
| Unknown | 25.4% | 0% |
Table 3
| SPF status | Description |
|---|---|
| Pass | According to SPF policy,the message should be accepted. |
| Fail | SPF policy is violated. It is recommended to reject the letter. |
| Softfail | SPF policy is violated, but it is recommended to accept the letter. |
| Neutral | Nothing can be said about validity, but it is recommended to accept the letter. |
| None | Sender domain has no SPF records. |
| PermError | Permanent error (e.g. incorrect SPF record). |
| TempError | Temporary error. |
Analysis of the SPF records published by mail domain owners showed that most of them repeat the information which is already available in DNS. For example, for the results of SPF-proved messages re-checked with AutoSPF the algorithms show practically full coincidence. At that, AutoSPF does not require publishing additional information in the sender mail domain description. Sender verification algorithms are not designed for spam detection and if message sender meets all requirements of an algorithm, a sender will be considered verified, and a message - legal. The statistics we have collected shows sufficiently big number of such letters (3 to 5 per cent). It proves one more time that spam problem can not be solved efficiently by using only programming methods.