There should be a standard for anti-virus software that it
never makes these
reports, almost none of the viruses that propagate now use a
legit sender
address.
This is a very different issue.
Actually not, virus filtering takes time. The virus attack can be recognized
as an impersonation email and rejected before you even bother to scan.
So SPF should be part of the anti-virus product.
You still need anti-virus even with SPF, for that matter with Domain keys.
But viruses will spread less rapidly if they can't use impersonation.
Another approach would be to report an authenticated virus via the reporting
mechanism I have proposed. We need a report mechanism generally. Think about
it, alice(_at_)example(_dot_)com has a virus, it sends itself out using the
address
alice(_at_)example(_dot_)com(_dot_) Telling alice does not do much good,
telling her sysop
does.
Phill
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡