Hannah Schroeter wrote:
You use SES or Mark's SRS-like trick, with less impact on
other functioning of mail.
Get them to publish some proper I-Ds, and the deployment to
scare spammers away from my vanity domain like SPF did, then
I'd consider to ask my ISP to test new tricks. I can't pull
this more than once per year. ;-)
[SES]
Unless they use a non-empty envelope sender, but then the
operators and developers of those systems should be shot.
Yes, I even have a script for this purpose, it sends the text
"Erroneous spam bounce / challenge / forward - please use a
filter and/or SPF" to my clipboard, I paste it in the subject
of the abuse report and edit it. It had almost no effect, one
postmaster sent me the same link to the JdBP SPF-rant twice.
SPF did the trick, because "my" spammer believed in the idea.
SPF pass w/o whitelist can be spam too
Sure, SPF without -all is for cowards or losers. and SPF checks
without rejecting FAIL is rather pointless. If they want to
waste time they should test "hashcash" - okay, that's on the
side of the sender.
SPF pass w/ whitelist can be less spammy, of course
It should be near zero spam, or else you'd fix your whitelist.
Bye, Frank