On Wed, Oct 15, 2003 at 11:43:59AM -0500, Dustin Trammell wrote:
What would you do then ? Systematically refuse mail from wildcard-SPF
? If not (and I believe, probably not), what's the point ? You accept
the mail, anyway.
Checking wildcard can be useful at the policy level : this would be a
nice addition to spamassassin scoring.
I don't really see why a spammer would do that, anyway. For the time
being, no SPF support at all by the domain would make the mail
accepted by the MTA. By wildcarding, the spammer would simply risk a
bad score in spamassassin, which he obviously wants to avoid.
I think that actually was the point. By taking into account this factor
in SPF, you could add an entry in the mail header that your filtering
software could use to make a more informed decision.
I was assuming that spamassassin would himself make that kind of SPF
lookup. Basically, it's a matter of local policy : it doesn't change
the RFC. I want my MTA to be fast, and avoid unnecessary traffic. If
this wildcard SPF test is just meant to give a clue to spamassasin,
well, just let him do it, he's already doing *lots* of things.
At which point, one can hopefully lookup throw-away-012012.com in
whois and trace back to the spammer. And sue him. Registries are being
required by ICANN to keep acurate records of domain holders.
Are they? I personally know at least 15 people that use fake
information to register domain names. None of them are spammers, mind
you, they're just privacy nuts. Sounds like they're not doing a very
good job of forcing the requirement.
Well, they at least have the credit card number which hopefully is
real, and identifies the holder quite well. They would be required by
authorities to give any info they have in case of legal action.
As as side note, although we talk about spam, virus would be far more
effectively defeated by SPF.
SPF is a nice idea. It fills what I consider a security hole. As
such, we should now focus on getting a finished RFC, handling only
technical issues. And an as-fast-and-large-as-possible deployment.
--
Nicolas Bougues
Axialys Interactive
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡