On Jun 14, 2004, at 6:36 AM, Gary Levell wrote:
I'm sure that there has already been discussion of this topic, but I'm
worried about the ability of domain owners to create records that are
in
the simple case
"v=spf1 +all"
I don't see the problem. If someone publishes that for a domain, say,
sillydom.example, then I have no choice but to assume that that is what
they mean. And so if I get a lot of spam with sillydom.example 821
Froms, then I may simply blacklist sillydom.example. Of course, to be
polite, I would probably write to them asking if they really understand
what they've published.
Remember, an SPF "pass" does not mean that the mail isn't spam. It
merely means that the owner of the domain considers the particular IP
authorized to send mail in their name. Indeed, I've noticed that some
non-forging opt-out spammers are publishing legit SPF records,
presumably in the hopes that an SPF pass will reduce the spam scoring
of their messages. rm04.net appears to be an example.
PS and OT:
Regarding your disclaimer (and the fact that you seem to be in the
email disclaimer business) I would like to shamelessly draw your
attention to
http://www.goldmark.org/jeff/stupid-disclaimers/
Cheers,
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/