ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: "If you believe that the SPF concept is fundamentally flawed, please subscribe at http://www.imc.org/ietf-mxcomp/"

2005-05-26 11:37:01
from [Mark] [Permanent Link] 



-----Original Message-----
From: owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org
[mailto:owner-ietf-mxcomp(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Richard 
Clayton
Sent: donderdag 26 mei 2005 18:44
To: ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: "If you believe that the SPF concept is
fundamentally flawed, please subscribe at
http://www.imc.org/ietf-mxcomp/";

In article <200505261315(_dot_)j4QDFtoB048070(_at_)asarian-host(_dot_)net>, 
Mark
<admin(_at_)asarian-host(_dot_)net> writes


To sum it up:

1): Spammers causing their registered domains to "pass",
only identify and>set themselves up to be block-listed.


so it would be foolish of them to keep on using their domains


Ah, but they would not have much of a choice, now, would they? :) Because
registering their own domains, to make them SPF "pass",  was a stop-gap to
begin with, as they could no longer use the more reputable, protected
domains.


2): Email sent with reputable domains, used without authorization by
spammers,


so they can't borrow domains and send the email from their machines

with you so far :)


Yep; that's the idea.


Of course you may feel that if fred(_at_)example(_dot_)com is so dumb as
to install a spam-sending trojan that it serves him right if example.com
gets a really bad reputation.


In all fairness, yes. I mean, SPF will help you protect against the misuse
of your domain name by unauthorized relays. If you're no longer master of
your domain, so to speak, and your own, authorized machines start sending
out spam, well, then not even SPF can help you. But if you lost control
over your machine, then I'd say you probably have a bigger problem on your
hand than worrying about SPF.


However, if I have a need to swap email with
example.com employees how exactly has SPF improved the
situation here ?


If your own machines start spewing spam, against your will and control,
then your first order of business should be to tell your employees not to
chit-chat with others in email until they fixed the flagrant breach of
security. :) Seriously, though, here SPF cannot help you, either: in order
to exercise control over your domain, you kinda have to be in control of
your domain.


Seems to me SPF might have a few advantages relating to
back-scatter but that too much email is being forwarded
for that to work out in the near future. However,
promoting it on the basis that spammers will not change
their behaviour doesn't seem to be justified.


Whoever promoted SPF on the basis that spammers will not change should be
taken into the backyard and shot. :) SPF counts on spammers to change!

Try and look at SPF from a 'selfish' perspective: if you protect your own
domain name with SPF, then whatever other domains spammers use, at least
it won't be yours. And that 'selfish' point of view is really all a domain
owner is interested in: "So what if spammers will go use X instead? At
least they're not using Y any more, which is mine. And if that bothers the
domain owner of X, he is free to do the same."

- Mark 
 
        System Administrator Asarian-host.org
 
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SPF PASS (was: "If you believe that the SPF concept is fundam entally flawed, please subscribe at http://www.imc.org/ietf-mxcomp/"), Julian Mehnle
Next by Date:  Re: SPF PASS, Frank Ellermann
Previous by Thread:  Re: "If you believe that the SPF concept is fundamentally flawed, please subscribe at http://www.imc.org/ietf-mxcomp/", wayne
Next by Thread:  RE: SPF PASS (was: "If you believe that the SPF concept is fundam entally flawed, please subscribe at http://www.imc.org/ietf-mxcomp/"), Sukhenko, Alex
Indexes:  [Date] [Thread] [Top] [All Lists]