On Feb 13, 2004, at 1:37 PM, Matt Sergeant wrote:
On 13 Feb 2004, at 16:24, Brian Candler wrote:
I see. But presumably the spammer will use
HELO dsl-192-0-2-35.someisp.net # real reverse DNS
or
HELO myisp.com # any domain hosted at this
ISP
in which case presumably SPF will allow it?
Only if the ISP's mail server is an open proxy or if the ISP has
designated its customer's machines as allowed mailers.
Yes. The key point is one that was raised by Shevek in an earlier
thread today. SPF does not prevent all spam - that's not in it's
design. It simply serves to verify that a user is representing their
messages as coming from a domain that they are authorized to do so.
It's great for joe-jobs, address spoofing and worm reduction. And
those are all plenty to make it worthwhile in my book.
George