Absolutely, and that's precisely why SPF (like the other equally braindead
certification/identification schemes) is a non-solution for this problem.
Virus/worm authors can (literally overnight) shift to using the real E-mail
address belonging to the person whose machine they've infected, and just as
quickly all their worm/spam messages will fly through SPF (and similar)
domain-certification checks. :-( So we would have spent YEARS arguing over
and
maybe finally agreeing on and implementing something that literally
overnight
is
rendered useless. (And you know, the spammers love to get the last laugh
like
that, making everyone else look like the clueless idiots they are).
The reason that various forms of malware started using the tactic of
using randomly-found addresses inserted into FROM: headers in the
first place was to make it much more difficult to track down the
infected user/host and/or shutdown/disconnect the infected machine.
Well, except that it isn't. All the headers post-insertion presumably point
back at the (really) infected machine, or at least to the machine that first
accepted the bogus mail.
But the traceback, ultimately, isn't all that critical. The important thing is
simply that the spam not be delivered to anybody, or that if it IS delivered
it's simply not effective.
If malware reversed course in that regard, it would instantly become
vastly easier for anyone to locate/shutdown infected machines again -
even for tech-illiterate people. So I think that tactic shift on the
part of malware authors would be self-limiting.
I agree to the extent that ultimately the spammers are going to be put on the
defensive, but meanwhile, SPF and the like is NOT the way to solve the
spam/worm/virus problem. Other approaches are FAR more effective, better
controlled, more targeted, less expensive, faster, and with less deleterious
side-effects that harm legitimate mail and legitimate senders.
Gordon Peterson http://personal.terabites.com/
1977-2002 Twenty-fifth anniversary year of Local Area Networking!
Support free and fair US elections! http://stickers.defend-democracy.org
12/19/98: Partisan Republicans scornfully ignore the voters they "represent".
12/09/00: the date the Republican Party took down democracy in America.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg