spf-discuss
[Top] [All Lists]

RE: Compliance

2004-01-30 07:12:09

> >There should be a standard for anti-virus software that it never makes these
> >reports, almost none of the viruses that propagate now use a  legit sender
> >address.
>
> This is a very different issue.

Actually not, virus filtering takes time.

Sorry, I didn't really make my point clear in my post.  :)

My point was that since so many of the bogus notifications are caused by old software, make a compliance standard won't do any good. It's like saying that new cars must not pollute -- that's great, but it will take many years before cars stop polluting, because there are so many on the road today.

So SPF should be part of the anti-virus product.

Not necessarily. If the AV product knows which viruses are forging and which are not, SPF wouldn't provide much benefit (if the virus is forging, the notification won't go out anyways; if the virus is not forging, it will just prevent the rare cases where a typo or whatever appears in the address).

But viruses will spread less rapidly if they can't use impersonation.

Very true. That's for the MTA to handle, though -- it can use SPF and prevent the viruses from even hitting the virus scanner.
                                   -Scott

---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>