----- Original Message -----
From: "Julian Mehnle" <bulk(_at_)mehnle(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Sunday, January 09, 2005 9:34 AM
Subject: RE: [spf-discuss] Is anyone else getting DoS'd by relay attacks?
David Woodhouse [dwmw2(_at_)infradead(_dot_)org] wrote:
On Sun, 2005-01-09 at 13:55 +1100, Chris Drake wrote:
> E) That mail server then originates a "bounce" for this faked email
> back to my server. Thousands of different legitimate mail servers
> are doing this, so my mail servers get swamped by crap that's
> impossible for me to firewall or block (because it's a real
> legitimate mail server "attacking" me).
It's not impossible to block; it's quite simple. Just implement SES.
Or we could just get all the others to implement SPF so these bounces
aren't generated in the first place.
That gets my vote. The volume of bounced email worm messages along justifies
SPF implementation, and usually justifies a harsh SPF policy to go with it
even if a few forwarders are inconvenienced.