Why can't a spammer create many domains, and use an SPF record like this:
"v=spf1 +all".
Now any hijacked system can send email, but they must use a real domain
owned by the spammer.
Even if we disallow such a record, the spammer's hijacking software could
send the IP address to someone or something that would update the SPF record
with the IP address of the hijacked system(s). The hijacking software will
monitor the DNS records until the IP address is listed then start to send
SPAM.
There are a lot of free DNS systems out there. So the spammer does not need
to maintain a DNS system. I guess we could consider blacklisting DNS
systems! :)
Guy
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com