spf-discuss
[Top] [All Lists]

Re: Question on SPF

2004-01-09 06:37:45
So require secure passwords. Don't let someone use simple 4 or 5 
character passwords. Require some special characters and numbers plus 
case changes.

Problem solved, net problem.

On 9 Jan 2004 at 8:27, Matt wrote:

Greetings,
Question on this whole SPF thing.
I'm interested in it but have a slight issue with it at the moment that
I'd like to get resolved.

My domain is: mydomain.com
Customer A is traveling and is using his e-mail of joe(_at_)mydomain(_dot_)com 
However, I do IP filtering on my mail server (not SASL AUTH), for my
dial-up pools.
When Customer A is at hotel he must use their mail server to send mail
out, so his mail will be rejected because the hotel mail server isn't
listed in mydomain.com's SPF txt list.

You suggest running SASL AUTH as a work around for this, however in my
experience this creates MORE of a spam problem then not using SPF..
here's why:

On a mail server with over 40,000 users it's relitively easy for someone
with a password cracker to hammer away at common names like 'joe'
'jeffp', etc and try to get some passwords.  Once they have a
username/password combo they can happily send e-mail out as that user
through MY mail server, and I can't do anything about them.   Doing IP
filtering requires that they are on MY network to send mail through MY
server, thus allowing me to terminate/prosecute/etc the person.
-- 
Matt <qmail2(_at_)chilitech(_dot_)com>

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

----------------------------------------------------------------------
John Warren, President            | Tel.: +1 714-573-9650
theMailStation Mail Service       | Fax:  +1 714-573-9289
14681 Danborough Rd.              | mailto:jwarren(_at_)themailstation(_dot_)net
Tustin, CA 92780-6755             | 
                                  | 
+--------------------------------------------------------------------+
| Any and all use of my email address for bulk email without my      |
| expressed permission is prohibited. This means NO JUNK EMAIL, SPAM.|
| Support the anti-Spam amendment, Join at http://www.cauce.org/     |
+--------------------------------------------------------------------+

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>