On Thu, 14 Oct 2004, Raymond Neeves wrote:
sorry, i didn't read the rfc, i just went off what was sent previously. so
we're still not talking about [ipaddress] in FROM we're actually talking
about it in HELO and having to use that in the event of a null FROM.
I (http://bmsi.com/python/milter.html) treat this case as having no
SPF record. I use a three strikes and yer out program. I'll accept
a valid PTR, a valid fqdn HELO, or an SPF neutral/pass as identification.
I am about to stop accepting PTR records that contain their IP address.
Also, I reject SPF neutral for selected domains (e.g. aol.com).
There is, of course, a shared DNS blacklist for both connect names (PTR)
and HELO/SPF names.
Spammers can come up with and register new domain names very efficiently,
so the next step is an automatic reputation system like GOSSiP to
take over maintaining the blacklists.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.