ietf-mxcomp
[Top] [All Lists]

Re: SPF abused by spammers

2004-09-09 09:15:58

On Sep 9, 2004, at 18:11, william(at)elan.net wrote:

On Thu, 9 Sep 2004, Michael Hammer wrote:

AOL has NOT said they will do less stringent checking if you publish
an SPF record. What they have said is that in order to remain on their
whitelist (assuming you meet all of the other requirements) you must
publish SPF records.

"A requires B" does not mean "B implies A" i.e. A<B does not lead to B=A

So in order to be on their whitelist AOL will require to have published
SPF records. However those that published SPF records don't automaticly
get to be on the AOL whitelist!

It's pretty sad that people like the author of this article we got a link to still see 1:1 mapping between "remove spam" and "minimize the number of fake sender addresses". I thought "we" as a collective had educated enough people to not get articles like this.

Sigh...

More education needed, else any mechanism which try to stop fake sender addresses will fall in the same trap -- and be useless. We need ability to track spammers (i.e. more correct data about the sender), someone tracking and a legal system which penalizes the originator to show that "spam is not ok". All three things. One piece in the puzzle is not enough.

   paf

Patrik Fältström <paf(_at_)cisco(_dot_)com>                         Cisco 
Systems
Consulting Engineer                   Corporate Consulting Engineering
        PGP: 2DFC AAF6 16F0 F276 7843  2DC1 BC79 51D9 7D25 B8DC



<Prev in Thread] Current Thread [Next in Thread>