spf-discuss

Re: HELO versus MAILFROM results

2005-05-05 23:51:39
Radu Hociung wrote:
 
Picking "something else" for MAIL-FROM does not help a
phisher.

IMO v=spf1 is not very good at anti-phishing.  PRA tries to
be better, but PRA doesn't convince me for various reasons.

Spam filters are more likely to be suspicious of random
domain names they see for the first time

Yes, you can do "something" with a PASS in combination with
a white list or reputation service (gossip, karma, siq, etc.)

This "something", whatever it is, works also for a HELO PASS.

a spammer will try to use as real a MAIL-FROM domain as
possible.

Yes.  He could even publish his own sender policy, or he takes
one of the $number(mail_domains) minus $number(FAIL_domains),
there are still enough for some years.

"none" results will eventually get a very unfavourable spam
score, so essentially they will spell "spam".

If all goes well.  In some years.  Maybe.  And if that's true
NONE HELOs (neither CSV nor SPF PASS) could also smell spammy.

My forwardmaster plan is not based on HELO, but on RCPT and
on "the list".

Yes, I meant "the part of the forwardmaster-plan I understand",
that's not your original idea, but some "per-user-op=trusted".
 
Where is the "op=trusted" explained?

In essence it was an idea by Meng here on this list, followed
by a discussion about the difference between pobox as forwarder
and pobox as MSA (apparently it's both).  

I tried to document it in draft-spf-6-3-options-05.txt and all
earlier versions of this memo (in -01 it was still "op=meng"):
<http://purl.net/xyzzy/home/test/draft-spf-6-3-options-05.txt>

                            Bye, Frank