spf-discuss
[Top] [All Lists]

Re: This company will be glad of SPF

2004-03-19 13:43:14
Quoting Lyndon Eaton (lyndon(_dot_)eaton(_at_)premierpc(_dot_)co(_dot_)uk):
They don't have an SPF record so people using only SPF are 
still accepting the offending mail, presumably.

I'd agree, but when this company hears about SPF, what do you think
there chances are of adopting it are? How crippled would your company be
if you had to turn off your phone system?


Today it would make absolutely no difference, they would still have
to turn off their phones.  Next year they might not have to.

I was rejecting around 100K bounces daily to forged envelope addresses
in two domains that have a -all SPF record.  Now the MX record
points to blackhole space in Chinanet.  Let the stupid MTAs that
accepted mail to non-existent users queue it and try to deliver it
to the 10 blackhole addresses.  I did have the MX pointing to a
blackhole in my address space just to see how much traffic it would
generate.  Traffic was close to 200 packets/second when I changed
the MX to Chinanet space.

Five more domains are being forged by the same good folks selling
drugs via sites hosted on Chinanet generating another 300K plus
bounces daily that do wind up at my MX machines.  I can't put a
-all record on those domains and today it would not matter if I
did.  There are not enough MTAs rejecting based on SPF to make any
difference.

This has been going on for 4 weeks now.  Am I guilty of abuse?
Probably.  Do I care?  Not one nano-bit.

John Capo
Hoping for much wider adoption of SPF


<Prev in Thread] Current Thread [Next in Thread>