In <200303072019(_dot_)h27KJbB7027471(_at_)calcite(_dot_)rhyolite(_dot_)com>
Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> writes:
From: "Gary Feldman" <gaf(_at_)rtr(_dot_)com>
There is a difference between the From_ header and the From: header.
As suggested in my previous email, I find the use of the term "From_
header" confusing.
Such alarms are valuable because imprecise language often indicates
imprecise or simply wrong thinking.
I can't say what the other person meant, but:
[ correct explaination deleted ]
Thanks for giving Gary the explanation Vernon, I'm sorry for any
confusion my archaic terminology caused and for exposing my UUCP
roots. I'll try to use more modern (and accurate) terminology in the
future. For what is worth, there are still thousands of references to
"from_ header" out there on the net.
The point remains that domain specific DNSBLs are incredibly easy to
implement and to provide some measure of authentication of where mail
claims to be from. I still have doubts about whether this
authentication will reduce the spam problem. I have much stronger
doubts about whether adding a new DNS RMX record will be worth the
effort.
For what it is worth, Spamassassin already does some of these kinds of
checks. There appears to be some better spots to do this kind of
checking in spamassassin than my original 20 line patch used. I may
try hacking on SA a little more to see if I can get a good, general
patch that others can test.
The nice thing about spamassassin is that no single check will cause a
false positive. You can check all sorts of headers via a DSDNSBL and
as long as there is some correspondence between "unauthorized" use of
a domain and spam, it can be a useful check.
-wayne
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg