It's an arms race, as always. No single weapon wins.
SPF helps. Here's how, in the presence of domain-burning
SPF-publishing spammers:
1. Greylisting: Email from a new domain that passes SPF is greylisted
for 30 minutes.
2. Spamtraps: Email that hits a spamtrap, and which passes SPF, causes
the domain to be blacklisted. This will typically take well under
30 minutes for a serious spam run.
3. When the greylisting expires, the domain is blacklisted.
The spammer has an incentive to push out crap quickly, in order to get
a lot past the non-greylisting receivers before he hits the blacklist;
he also has an incentive to push crap out slowly, hoping to get some
through to the greylisting sites before he hits the blacklists.
Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg