spf-discuss

Re: SPF and Responsibility

2004-07-23 10:52:17
[John Glube]

"[....]Nonetheless, domain-level authentication would confound
spammers’ ability to engage in spoofing and to send
messages via open relays and open proxies, enable ISPs to
deploy more effective filters, and provide law enforcement
with an improved ability to track down and prosecute
spammers."

:-))
I know open-relay address 10.2.3.4
ISP name is "CoolISP.net.cn"

Can you tell me what the difference is for spam coming from IP 10.2.3.4 and From:
field value h3corz(_at_)aol(_dot_)com vs.
postmaster(_at_)CoolISP(_dot_)net(_dot_)cn ?

I do not see any. You will have to block both manually. Most likely on an IP basis.

IMHO, SPF is aimed at increasing the number of valid emails coming to your mailbox.
SPF can only decrease false-positive results.
There is no way to use SPF for prevention in the long term. Spammers will evolve.

My interpretation of a quote from the 9/11 report
http://www.9-11commission.gov/report/911Report.pdf  (page 13):
"We learned that the institutions charged with protecting our
post-mail and email-boxes; phones and faxes did not understand
how grave the Spam and Direct Marketing threat could be, and did
not adjust their policies, plans, and practices to deter or defeat it.
We learned of fault lines within our government—between foreign
and domestic intelligence, and between and within agencies.
We learned of the pervasive problems of managing and sharing
information across a large and unwieldy government that had been
built in a different era to confront different dangers."

Really nice words.
Take them into consideration, then you will assume that all non-legit emails will
have a forged "From:" address.
This assumption is similar to the one that the FAA and NORAD used.
They assumed hijackers will not control the aircraft and the transponder code of "7500"
will be squawking.
Spammers can control as many PCs/servers as they need. It's only a matter of cost.

Do not make any assumptions.
Do not trust anybody. Even me.
--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua
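
The scenario in the message above, worked through as an added example (not code from the post or from the SPF project). The SPF records are constructed for illustration, only the ip4/ip6/all mechanisms are evaluated, and `check_spf`, `accept` and `blocked_ips` are hypothetical names; the sender address stands for whichever identity the receiver checks.

```python
import ipaddress

# Constructed SPF records (assumptions for illustration, not real published policies).
SPF_RECORDS = {
    "aol.com": "v=spf1 ip4:192.0.2.0/24 -all",
    "coolisp.net.cn": "v=spf1 ip4:10.2.3.0/24 -all",
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip, sender, records=SPF_RECORDS):
    """Evaluate ip4/ip6/all terms left to right; return an SPF-style result."""
    domain = sender.rsplit("@", 1)[-1].lower()
    record = records.get(domain)
    if record is None:
        return "none"
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech = term.lstrip("+-~?").lower()
        if mech == "all":
            return RESULTS[qualifier]
        name, _, value = mech.partition(":")
        if name not in ("ip4", "ip6"):
            return "permerror"  # include, a, mx, modifiers: out of scope here
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            return "permerror"
        if ip.version == net.version and ip in net:
            return RESULTS[qualifier]
    return "neutral"  # no term matched and no "all" present


def accept(client_ip, sender, blocked_ips=frozenset()):
    """SPF only says whether the host is authorized for the domain;
    a local IP blocklist still decides about hosts that pass but send spam."""
    if client_ip in blocked_ips:
        return False
    return check_spf(client_ip, sender) not in ("fail", "permerror")


if __name__ == "__main__":
    for sender in ("h3corz@aol.com", "postmaster@CoolISP.net.cn"):
        print(sender, check_spf("10.2.3.4", sender), accept("10.2.3.4", sender))
```

With these records the forged aol.com sender is rejected on the SPF result alone, while mail using the relay's own domain passes and is stopped only once 10.2.3.4 is added to `blocked_ips`.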

