spf-discuss
[Top] [All Lists]

SV: I RTFM but still have a simple ?

2004-04-25 04:34:57
One of the easiest way to see, if an e-mail is spam, is when the e-mail has a 
@hotmail.com address but wasn't sent through hotmail's mailservers... most good 
spamfilters know this one, so you just should not send an e-mail from a 
business internet connection with @hotmail.com as sender e-mail address. This 
is not related to SPF.

If Hotmail wants to enable it's users to send from other internet connections, 
it should just use "?all" as the last part of their SPF record. If they want to 
enable certain users to use certain servers, this can be achieved using exists: 
and some macros.

If Hotmail wants to restrict their system, so that only their own mailservers 
may be used for @hotmail.com e-mails, they should end their SPF record with 
"-all".

The rest of the world will then judge e-mails from @hotmail.com based on how 
many of those that contain spam.

Spam protection is like IT security. If you want really good security, you do 
that by removing features and/or flexibility. The trick is to find a 
compromise, that gives good security and full functionality.

Lars.


-----Oprindelig meddelelse-----
Fra: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com på vegne af PARIS   
Sendt: sø 25-04-2004 02:21
Til: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Emne: [spf-discuss] I RTFM but still have a simple ?
 
SPF looks interesting.  But I have a simple question, that's probably the 
result of my lack of full understanding of how it works.

How does it work?
Suppose a spammer forges a hotmail.com address and tries to spam you.

He connects from an IP address somewhere


What happens if a person uses his business internet connection to send email 
using his hotmail return address. Thus he will be sending legitimate mail but 
from the business IP which of course is not listed. So according to the DOC. 
THe message will be bounced.

"If the message fails SPF tests, it's a forgery. That's how you can tell it's 
probably a spammer."


Can some please enlighten me.

                 


<Prev in Thread] Current Thread [Next in Thread>