Daniel Taylor wrote:
Paul Howarth wrote:
| how does SPF stop a spammer using throwaway domains with SPF records
| allowing any zombie to send for the domain, where the domain was
| registered using false information and phished credit card details?
|
It doesn't directly, but the reputation systems it allows
would make it trivial to spot such an attempt.
"hey, this domain is only a week old and has +all? better check
it more closely..."
Sure, but where are these reputation systems going to come from? And who's
going to pay for them, particularly given that they'll be a magnet for
litigation from the owners of domains that think their reputations should be
better than they are (just like Harris/Yesmail etc. effectively litigated MAPS
out of existence as far as most of the Internet is concerned)?
Paul.