On Fri, 10 Sep 2004 13:50:33 +0200, Markus Stumpf
<maex-lists-spam-ietf-asrg(_at_)space(_dot_)net> wrote:
On Thu, Sep 09, 2004 at 06:54:59PM -0500, Jim Witte wrote:
Why not try to get the press to grab something the SPF *can* do -
like perhaps stop the flood of V1(_at_)GR@ and C10L1S ads that keep filling
my inbox, coming from God-knows where. Or the porn, or the occassional
spam I get that's in either Chinese, Japanese, or Korean (I read none,
but it's in *something* I can't read).
Sorry, but I really fail to see how SPF can do all this.
SPF *could* do it *if* the spammers forge a domain that is using
SPF records *and* the sending IP is not authorized by the SPF settings.
Spammers run bot networks with up 500000 hosts - maybe more.
Just have a look at your maillogs
cooldictionary.com
forbetterjobs.net
<snip list of domains>
OK, so you know those domains belong to spammers. If you receive mail
apparently from one of those domains which passes SPF, you *know*
you've received a spam. Thanks, spammer, for confirming your identity
and making it easy for us.
An SPF failure is a de-facto reson to block (assuming you don't like
to receive spoofed mail). An SPF pass is an input to your reputation
system, which may confirm a blacklist entry and produce a 'block', or
confirm a whitelist entry and produce an 'accept'.
Peter
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg