ietf-mxcomp

Re: SPF PASS (was: "If you believe that the SPF concept is fundamentally flawed, please subscribe at http://www.imc.org/ietf-mxcomp/")

2005-05-26 04:20:48

nobody(_at_)xyzzy(_dot_)claranet(_dot_)de wrote:

Carl Hutzler wrote:

Is this use of SPF flawed?
[...]
If the [connecting IP] = [SPF record] then "trust it
more/whitelist"

It's perfectly possible for a spammer to get a PASS.  You
wouldn't whitelist a spammer.  But it's impossible for a
spammer to pretend to be me, he'd get a FAIL (in my case).

Unless I'm this spammer of course.


Actually, we DO WHITELIST SPAMMERS. I mean, it happens. We don't want it to happen a lot, but it does. See, we also monitor everyone on the WL very closely via volume, complaint, and bounce rates. So while a spammer could get onto the whitelist, they won't be for long. And a new spammer will have very low limits placed on how much they can send via a simple SPF=whitelist type method. Now if they prove once on the SPF=whitelist that they are a good sender, we would bump up their rate limits... or if they contact us to get "accredited" via our postmaster.aol.com webpage where you can simply ask to be on the whitelist, we might let them in with higher limits on day 1. We do this of course for well known organizations.


valuable reverse MX records which cover well over 95% of
the email traffic on the internet today.

Is that a guess?  95% is a rather high number.

OK, 85%. Is that better? Still beats the 80/20 rule easily. How much mail is not sent directly from the sending ISP to the destination ISP? For AOL it is a small number.

Perhaps SPF should be updated to have the above logic.

You can use it this way.  But whitelisting a PASS only
because it's a PASS is no long term strategy:

"v=spf1 +exists:%{ir}.comcast.blackholes.us -all"

See above. It actually IS very good for AOL because of all our other reputation based logic. Perhaps not every ISP can build this, but we do have one. Of course many 3rd party products are out there that do what we do...SenderBase (volume/bounces), SpamCop (complaints), Spamnet (complaints), etc.

Back to my day job :-)

Be careful with mail from these comcast IPs, bye, Frank




--
Carl Hutzler
Director, Host Mail Development
America Online
cdhutzler(_at_)aol(_dot_)com
703.265.5521 work
703.915.6862 cell
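
An added example, not part of the original message and not AOL's actual logic: a sketch of the policy discussed in this thread, where an SPF PASS only supplies a domain identity to hang reputation on, and the sending limit then follows volume, complaint and bounce history. Every threshold, limit and name here is an assumed value chosen for illustration.

```python
from dataclasses import dataclass

# All thresholds and limits below are assumed values for illustration.
NEW_SENDER_LIMIT = 500        # messages/day for an unproven SPF-PASS domain
PROVEN_LIMIT = 50_000         # after a clean track record
ACCREDITED_LIMIT = 200_000    # sender vetted out of band (e.g. postmaster request)
DEFAULT_LIMIT = 100           # no whitelist treatment
MAX_COMPLAINT_RATE = 0.003    # complaints / delivered
MAX_BOUNCE_RATE = 0.10        # bounces / attempted
MIN_HISTORY = 5_000           # messages needed before a domain counts as proven


@dataclass
class SenderStats:
    """Counters kept per SPF-authenticated domain (constructed model)."""
    attempted: int = 0
    bounced: int = 0
    complaints: int = 0
    accredited: bool = False

    @property
    def delivered(self) -> int:
        return self.attempted - self.bounced


def daily_limit(spf_result: str, stats: SenderStats) -> tuple[str, int]:
    """Return (tier, messages-per-day limit) for one sending domain."""
    # Only a PASS ties the connecting IP to the domain, so only a PASS
    # lets reputation be keyed on the domain at all.
    if spf_result != "pass":
        return ("unauthenticated", DEFAULT_LIMIT)

    # A PASS says who is sending, not whether they are good: check history.
    if stats.attempted:
        bounce_rate = stats.bounced / stats.attempted
        complaint_rate = stats.complaints / max(stats.delivered, 1)
        if bounce_rate > MAX_BOUNCE_RATE or complaint_rate > MAX_COMPLAINT_RATE:
            return ("removed", DEFAULT_LIMIT)

    if stats.accredited:
        return ("accredited", ACCREDITED_LIMIT)
    if stats.attempted >= MIN_HISTORY:
        return ("proven", PROVEN_LIMIT)
    return ("new", NEW_SENDER_LIMIT)
```

A domain whose record yields a PASS for any connecting IP still starts in the "new" tier, and its own complaint and bounce rates move it to "removed".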

