On Sat, 2004-07-10 at 18:22, Andrew G. Tereschenko wrote:
However, if for some reason you did want such a statement, you could do
so by convincing spamcop.net to allow for evaluations such as:
"v=spf1 -exists:%{l}.greaterthan1250.comparison-bl.spamcop.net ~all"
I read your previous line, and wrote in my suggestion, as if it were
%{d}. I'm guessing you really want %{l}.%{d}. (local-part,
current-domain)
I would like to indicate that all users who have realy bad reputaion in
provider who I trust are probably spammers and everybody must be aware on
this.
But spf records deal with authentication--whether the spammer is who
they say they are, not with reputation--how good or bad a netizen you
think the probable-spammer is.
But I can not terminate user account becouse I'm not yet 100% if he is realy
spamming or this is misunderstanding.
I do not wanna to pay high legal fees if my client will sue me on agreement
termination.
As well I do not wanna to be marked as ISP supporting spammers.
That part I understand, but I'd prefer it if RHS blocklists extended
themselves to providing the same sort of service.
If a RHS blocklist could mark an entire domain as spammy, or mark only
particular users in mostly-trusted domains as spammy, then that would be
fantastic..
It would mean that at some point in the future recipients could receive
mail from reputable accounts even from ISPs hosting known spammers, if
the ISP's MTAs are known to be trustworthy in that they didn't allow for
forgeries.
In such a world, the new-user problem is nearly the same as the
new-domain problem, though I'd imagine new users from ISPs that don't
allow spammers would have an initial reputation advantage over new users
from ISPs that do.
In any event, doing this sort of logic from within blocklists makes more
sense to me, as IMHO an spf record should only give authentication
how-to methods, not reputation-determination methods.
(Or at least, the reputation-determination methods should not pretend to
be authentication-how-to methods.)
Those spammy users sending mail from your domain really are those spammy
users they claim to be. Making your SPF record say otherwise means
you're misrepresenting their claims of authenticity.
It's sort of like seeing a mugger who approaches someone and says:
"Hello there, I'm Bob, and I'm going to rob you now", at which point
someone else runs up and shouts: "Watch out! He's not really Bob!"
(Uhm, I don't have a point with that example actually--it's just funny
and I couldn't bring myself to remove it even after realizing it doesn't
illustrate much.)
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com