Daniel Taylor wrote:
As Mr. Gardner pointed out, greylisting is sufficient, i.e. "it's new to me",
and overly permissive SPF records are self-evident.
Greylisting is good but not without its problems, e.g. handling of big server
farms, VERPed sender addresses etc. I don't think overly permissive SPF
records are at all self-evident though. Supposing I had:
example.com TXT "v=spf1 exists:%{v}.spf.example.com"
$GENERATE 0-255 *.$.spf.example.com A 172.16.$.23
Would that be self-evident to you, given that you can't "see" the wildcard and
GENERATEd DNS zone?
I am not arguing the obvious risks of public criminal behaviour
as he has made that point quite to my satisfaction already.
SPF and similar (e.g. designated sender) technologies have been discussed in
quite some detail over on SPAM-L in recent months and I don't think there's
*anyone* there that thinks that SPF will solve spam. If anyone truly believes
that it will, it would be interesting to see you try to convince the folks
over there (see http://www.tile.net/lists/spaml.html for subscription info),
most of whom have much more Internet experience and knowledge than I do, and
some of whom are responsible for some very large networks.
I'm also reminded of Vernon Schryver's page on the "Final Ultimate Solution to
the Spam Problem (FUSSP).") -
http://www.rhyolite.com/anti-spam/you-might-be.html ;-)
Cheers, Paul.