Hi,
From the FAQ:
We can counter with:
1. fast automated blacklisting using spamtraps and attack detectors
2. simple reputation systems based on factors such as
* age of domain according to whois
* email profile of domain, eg. "too many unknown recipients"
* call-back tests to see if the sender domain is able to receive
mail.
The reputation system can advise a receiving MTA to defer or reject.
3. legal methods following the paper trail of who paid for the domain.
All these things can be done now with IP-based blacklisting.
(The exception is the call-back test, but that's not a very good
test anyway).
Advantages of an SPF-based system:
* A trojaned machine with a dynamic IP can appear on many IP
addresses. The same isn't possible with SPF.
* We don't need help from the ISP to blacklist a spammer with SPF.
* The ownership info for a domain is available centrally (whois)
and publically rather than decentrally (ISP customer records).
* Innocent parties inherit IP addresses. That won't happen with
spammer domains.
Nevertheless detecting throwaway domains will be a big challenge in
an SPF-protected world. The key is the whois information, so:
* How much information can be pulled out of
whois, and how automated can you make that?
+ Date of registry (not that useful - domains can be pre-allocated)
+ Real-world ID of person registering (quite useful)
* Can the whois infrastructure cope with large-scale automated
polling by mail filters?
* Since whois only handles 2nd level domain data can SPF ever
be useful for subdomains?
Other thought:
* The quality of a registrar might well become a filtering
criterion. Registrars that publish good whois info and
are good at checking ID may earn their users a better spam
filtering score.
--
Erik Corry erik(_at_)arbat(_dot_)com
A: Because it messes up the order in which people normally read text.
Q: Why is top-replying such a bad thing?
A: Top-replying.
Q: What is the most annoying thing in email?
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡