spf-discuss
[Top] [All Lists]

Re: mail administrator certification example

2004-07-30 11:32:56
On Fri, 2004-07-30 at 19:14, John Keown wrote:
I am not saying I do not know how to handle it. I am just saying that when a
proposed solution breaks with the rules and interpretation of existing
standards it brings into question the validity of the rfc.

The SPF spec. says how to interpret SPF records, nothing else. The
syntax is IMHO clear, concise and intuitive. I have yet to see the
standard that the solution allegedly breaks btw.

I will give one example just given to me on another list where spf will not
even slow spam on zombies.

Spammer solution is simple. Take several lists of the zombie ip addresses
and create a simple program that makes tight spf records by updating the dns
just before sending the spam. Then our receiving server will test the spf of
adgafdgh.com and get valid and tight spf records for that domain because the
zombies are listed as valid sending ip. Thus spam get through and spf is
useless. All spf will do is increase the spammer's programming and load on
our server. Spam from zombies will continue to come through. They will just
be listed on some spf records.

They will just no longer spoof return addresses.

Haven't there been several people on this list earlier this week saying
that:

(a) SPF is not an anti-spam technology, and
(b) checking for wide IP ranges in SPF records is a waste of time?

Paul.
-- 
Paul Howarth <paul(_at_)city-fan(_dot_)org>