* Barry Shein:
Spammers no longer use static domains, and they haven't for years.
Spammers us ZOMBIE PCs.
These are virus-infected PCs which let spammers do whatever they like
with them, such as cause those PCs to send out millions of e-mail
messages.
So, you get an e-mail from viagra(_at_)adsl-24-73-19-222(_dot_)att(_dot_)net
and it's
SPF OK.
No, this is not the way SPF works, and it's also not the way spammers
will comply with its requirements.
Nowadays, a sizable chunk of all botnet-centered spamming activity
already uses dedicated second level domains to provide a DNS name for
the controlling IRC server. Registering a few additional domains to
send mail from domains with valid SPF records is a trivial step. You
can even generate SPF records dynamically with a narrow scope so that
these records are not distinguishable from legitimate ones.
In theory, SPF fixes the bounce problem. But this requires
significant deployment, and this is not going to happen. Only badly
configured MTAs (or poorly outdated MTA software such as qmail) send
NDRs for unknown users or messages containing malware. These MTAs
won't get magically fixed once there's a new RFC.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg