spf-discuss
[Top] [All Lists]

Re: Re: DNS load research

2005-03-23 11:09:54

There's no need to check SPF when you're going to reject the message
based on bad recipient addresses, bad HELO information, local blacklists,
or accept it based on local whitelists, etc.

The SPF check has to be done first, or you will pass a message just because it claims to be from aol.com. I think what you are suggesting might work as long as spammers continue their current practice of ignoring SMTP compliance, but very soon we can expect spam to have perfectly formed headers and legitimate, non-blacklisted domains.

We need to make plans based on what spammers are likely to do, not just what they are doing now.

-- Dave

*************************************************************     *
* David MacQuigg, PhD              * email:  dmq'at'gci-net.com   *  *
* IC Design Engineer               * phone:  USA 520-721-4583  *  *  *
* Analog Design Methodologies                                  *  *  *
*                                  * 9320 East Mikelyn Lane     * * *
* VRS Consulting, P.C.             * Tucson, Arizona 85710        *
*************************************************************     *



<Prev in Thread] Current Thread [Next in Thread>