At 04:51 PM 2/3/2004, Marc Alaia wrote:
Since SPF does not address this scenario (right?), couldn't spammers just
use non-existant domains?
Many mailservers reject this sort of mail already. I think it's even been
sendmail's default for years.
In fact, it is *because* so many sites reject mail coming from nonexistent
domains that spammers have started faking real ones, which is what has made
an SPF-like system necessary.
In other words, SPF shouldn't need to get into this. Your server should
reject mail from nonexistent domains fbefore it even gets to an SPF lookup.
Kelson Vibber
SpeedGate Communications <www.speed.net>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡