On Tue, Dec 07, 2004 at 05:43:23PM +0000, David Woodhouse wrote:
| On Tue, 2004-12-07 at 12:36 -0500, Scott Kitterman wrote:
| > Now, this isn't because everyone is checking my SPF record and rejecting
| > rather than bouncing. It's because enough MTAs will reject on SPF fail,
| > that the spammers are moving one.
|
| I'm not sure what you're saying. You think the spammers are no longer
| using your domain as the source of their mail? I find that unlikely.
|
I've received many spams recently that attempt to phish
ebay.com and paypal.com which do publish SPF records.
They all have a return-path like MAIL
FROM:<blah(_at_)nospf(_dot_)random(_dot_)com>
but
From: <paypal(_at_)paypal(_dot_)com>
so maybe spammers are checking SPF records and not forging
return-paths for domains that publish. Hey, if enough
spammers check SPF records, then receivers might never have
to :)