On Mon, 2004-12-06 at 12:57 -0500, terry(_at_)ashtonwoodshomes(_dot_)com wrote:
> The problem is, how do you distinguish an email that was *actually*
> forwarded from one that is *pretended* to be forwarded (by fake headers
> generated by the spammer's MTA).

You can't. But this is already the case with SPF and SRS. I can generate
a mail with a reverse-path something like:
SRS0=xx=yy=ashtonwoodshomes(_dot_)com=terry(_at_)srs(_dot_)infradead(_dot_)org
The recipient's ISP can't distinguish that fake from a genuine mail
which was really forwarded, in the general case. All they can do is look
up 'srs.infradead.org' in the reputation database.

> Umm, I think this is watering down SPF too much,

Well yes, but it's _already_ that watered down. It's _already_ no more
useful than CSV, when you actually stop for a moment to consider the
situation holistically.
--
dwmw2
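
Added example, not part of the original message: a sketch of why a forged SRS0 reverse-path and a genuine one look the same to the recipient's ISP, which can only extract the forwarder domain for a reputation lookup. The hash construction is a simplified assumption (HMAC-SHA1 truncated to 4 base64 characters), and the function names, secret and `.example` domains are hypothetical, constructed values.

```python
import base64
import hashlib
import hmac

def srs_hash(secret: bytes, timestamp: str, domain: str, local: str) -> str:
    """Simplified SRS0 hash (assumption): HMAC-SHA1, first 4 base64 characters."""
    data = f"{timestamp}{domain}{local}".lower().encode()
    mac = hmac.new(secret, data, hashlib.sha1).digest()
    return base64.b64encode(mac).decode()[:4]

def srs_forward(secret: bytes, sender: str, forwarder: str, timestamp: str = "AB") -> str:
    """Rewrite a reverse-path the way a forwarder holding `secret` would."""
    local, domain = sender.rsplit("@", 1)
    tag = srs_hash(secret, timestamp, domain, local)
    return f"SRS0={tag}={timestamp}={domain}={local}@{forwarder}"

def parse_srs0(address: str):
    """Split an SRS0 reverse-path into its fields; None if it is not SRS0."""
    local_part, _, forwarder = address.rpartition("@")
    if not local_part.upper().startswith("SRS0="):
        return None
    fields = local_part[5:].split("=", 3)  # the original local part may contain '='
    if len(fields) != 4:
        return None
    tag, timestamp, domain, local = fields
    return {"hash": tag, "timestamp": timestamp, "domain": domain,
            "local": local, "forwarder": forwarder.lower()}

def forwarder_verifies(secret: bytes, address: str) -> bool:
    """Only the forwarder, who holds the secret, can check the hash field."""
    p = parse_srs0(address)
    if p is None:
        return False
    expected = srs_hash(secret, p["timestamp"], p["domain"], p["local"])
    return hmac.compare_digest(p["hash"].encode(), expected.encode())

def recipient_view(address: str):
    """A receiving MTA has no secret: all it can extract is the domain to look up."""
    p = parse_srs0(address)
    return p["forwarder"] if p else None

# Constructed sample values (not from the original message).
SECRET = b"forwarder-only-secret"
GENUINE = srs_forward(SECRET, "terry@sender.example", "srs.forwarder.example")
FORGED = "SRS0=xx=yy=sender.example=terry@srs.forwarder.example"

if __name__ == "__main__":
    for label, addr in (("genuine", GENUINE), ("forged", FORGED)):
        print(label, addr, forwarder_verifies(SECRET, addr), recipient_view(addr))
```

The forwarder can tell the two apart when a bounce comes back to it, but at delivery time the recipient's view of both addresses is the same forwarder domain.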