spf-discuss
[Top] [All Lists]

RE: Is SPF all that useful?

2004-07-24 05:51:57
Spammers often send to ones secondaries first?  Interesting...  What if one 
configures DNS to show a
secondary MX on a server that doesn't answer port 25 or accept SMTP at all?  Do 
the spammers keep
trying the secondary, or do they revert to your primary... :)  Do you have any 
stats on that?

Course that would only work until spammers got smart to it, but not all 
spammers are smart, they
are, after all, spammers...  :)


Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085


-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Koen 
Martens
Sent: Friday, July 23, 2004 8:30 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Is SPF all that useful?


On Fri, Jul 23, 2004 at 05:16:39PM -0700, Gilbert, Joseph wrote:
I run spf with a secondary mx and have no problem with
it. How? The
secondary does spf checks as well as all other checks my
primary does, and
the primary trusts everything it receives from the
secondary. Now the
only problem I see with this is that someone could be able to
spoof the
ip of my secondary, but that's a risk i'm willing to take.

I see.  So, whatever other sort of filters I am running on
my primary MTA
have to be enabled on my secondary MTA.  Thus, any spam
marking, stripping,
discarded, etc. that occurs on my primary has to be
duplicated on any
secondary MTA I have.  In my case, that would require
additional hardware,
not to mention time configuring and testing the software config.

Then, the question becomes benefit vs. cost on running a
secondary or
tertiary mail server.

Alright, I see that this particular issue can be resolved with the
appropriate configuration.

As said, it is common for spammers to use your secondary first to drop
their loads. In fact, i have been checking and most of the spam I got
was received by my secondary. To be sure, your secondary should also
have a way of checking if the recipients do indeed exist, so
mail can be
rejected by the secondary before the DATA phase, saving
bandwidth and hd
space as well as preventing bounces from being sent.

Another solution mentioned on this list is for the secondary to reject
mail if the primary is on-line. Yet another is to not have a secondary
at all, given that mta's will try several days before finally
giving up
anyway. If you have an incoming mta with a reliable hosting
company, you
probably don't need a secondary (if you accept the possible delay).


Koen

--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com


<Prev in Thread] Current Thread [Next in Thread>