spf-discuss
[Top] [All Lists]

Re: Electronic Frontier Foundation (EFF) Article On Anti-Spam Technologies Mentions SPF

2004-11-18 11:00:24

----- Original Message -----
From: "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Thursday, November 18, 2004 5:59 PM
Subject: Re: [spf-discuss] Electronic Frontier Foundation (EFF) Article On
Anti-Spam Technologies Mentions SPF


On Thu, 18 Nov 2004 17:23:10 +0100, Alex van den Bogaerdt wrote:
I get the feeling you think false positives are possible with SPF.

As has happened to me several times over the last few weeks, I needed to
use machines and networks that were not in my regular set. This meant using
MTAs that were not in my regular set.  Some were public kiosks and some were
friend's pc's, where I set the rfc2822.From field to be my address.

All of the messages from those situations would be assessed an
"unauthorized" and therefore would be falsely rejected.



If you choose to use your friends e-mail service to send your mails and
spoof your own address - that's SPOOFING - and *exactly* what SPF tries to
eliminate - it's an e-mail pretending to come from somewhere it doesn't -
just like thousands of spam mails every minute.

You could persuade your friends to have spf records which would include your
own domain of course, and that would make it work perfectly.

On the other hand - you could always use your considerable technical skills
to set yourself up with your own smtp-auth on your own server so that you
could connect to it from any machine, anywhere.



Slainte,

JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492


<Prev in Thread] Current Thread [Next in Thread>