spf-discuss
[Top] [All Lists]

Re: Domain spoofing - was Re: [anti-spam-wg(_at_)ripe(_dot_)net] I wrote a spam filter in Perl

2003-10-08 05:13:09
On Wed, 8 Oct 2003, pna.lists wrote:

Shouldn't we start implementing SPF?

http://yro.slashdot.org/article.pl?sid=03/10/06/0044200

http://spf.pobox.com/

"We're in an experimental stage right now: we need lots of domains to publish 
SPF records so we can see if there's anything wrong with the idea of 
wildcards and TXT records"

The idea of advertising who is allowed to send for a domain is good. I had 
talked to various people about the idea of doing this with the MX record,
but obviously not everone has incoming and outgoing mailservers on the 
same box.

Doing it in TXT records is clumsy. We (as in IETF dnsex group) are doing 
something
really wrong if people need to keep abusing the TXT records for stuff. I guess
it would be good to start with, but ideally a new RRtype should be used.

Last, since I'm personally doing lots of dnssec stuff, I really do not want to 
put
in wildcards in my dns. My hatred for wildcards is only marginally less then my
hatred for spam.

I'd implement a similar idea that does not depend on wildcards immediately for 
all
our domains, which if they are .nl domains, are then even dnssec signed as well.

(now let's all push RIPE to sign the their in-addr.arpa zones :)

Paul

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>