spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Can SPF support subdomain reputation?

2004-08-28 00:31:43
from [guy] [Permanent Link] 
Not infinite!
But enough that each atom on earth could have its own email address.
:)

I have seen real domains that were 4 or more levels deep.

I hit this topic a few weeks ago, but no real answer.
The best answer was to black list the sub-domain, if enough sub-domains get
black listed then black list the higher level domain, which would include
all sub-domains under it.  But domains are not limited to 2 levels.
guy(_at_)a(_dot_)b(_dot_)c(_dot_)d(_dot_)e(_dot_)f(_dot_)g(_dot_)h(_dot_)i(_dot_)j(_dot_)k(_dot_)l(_dot_)example(_dot_)com(_dot_)
 is valid.
So if a.b.c.d.e.f.g.h.i.j.k.l.example.com. was black listed,
And a2.b.c.d.e.f.g.h.i.j.k.l.example.com. was black listed,
Then b.c.d.e.f.g.h.i.j.k.l.example.com. may get black listed also, which
would include all sub-domains like a3.b.c.d.e.f.g.h.i.j.k.l.example.com.

Then you get into things like example.com.uk., if example.com.uk. and
example2.com.uk. were black listed, would you black list com.uk.?

Then I suggested someone needs to maintain a master list of top level
domains, these should never get black listed.  Some top level domain are
really sub-domains.  This list would include "com.", "net.", "edu.", ".",
"com.uk." and "com.us.".  This is just a small sample.  "name." is a special
case.  I (Guy Watkins) reserve the rights to this idea!  If it has value to
anyone, let's talk!

Guy

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of AccuSpam
Sent: Saturday, August 28, 2004 2:48 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Can SPF support subdomain reputation?

Bcc: some

Resending as did not appear on list first time...

Playing devils advocate here so we can resolve in draft stage...

Please correct me if I am mistaken, but it appears that SPF supports the
ability to set different rules on different subdomains (sub.domain.tld).

Thus the apparent intent implied by the syntax is that SPF declaration can
support subdomain reputations.  But then what stops a spammer from creating
infinite subdomains to bypass reputation anti-forgery, analgous to how (a
few astute) spammers create infinite new variations of words to bypass
Bayesian anti-spam?

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription, 
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Can SPF support subdomain reputation?, Andriy G. Tereshchenko
Next by Date:  Re: Re: DEPLOY: SPF/Sender ID support in Courier., william(at)elan.net
Previous by Thread:  RE: Can SPF support subdomain reputation?, AccuSpam
Next by Thread:  RE: Can SPF support subdomain reputation?, Mark Smith
Indexes:  [Date] [Thread] [Top] [All Lists]