spf-discuss

Re: Border Appliances

2005-06-30 15:00:50

----- Original Message -----
From: "Stuart D. Gathman" <stuart(_at_)bmsi(_dot_)com>

I predict that if this isn't addressed in the relatively near future,
developers of SPF servers will enforce it themselves by caching the
first time SPF transaction with a relaxed policy and setting its own
time limits.
I started to program such a logic but didn't put it into practice.

I already do a primitive reputation system like you describe, but based
on number of spams, not time.  When the number of spams
with relaxed results from a domain exceeds a threshold, I no longer
accept relaxed results from that domain.  Current list is:

reject_neutral = aol.com, yahoo.com, hotmail.com, arosii.com,
        oracle.com, msn.com, rr.com, egroups.com, gmail.com

"reject_neutral" also rejects softfail.

Nice. This is how I understood this was one of the usages with relaxed
policies.

What's been your experience? How do you determine what is spam or not?
Bayesian Analysis?  User Policies?

I guess my goal is to use the SMTP level to trap "bad transactions", unrelated
to spam.  Even for legitimate mail.  If the spoofing is caught, it's
rejected.

Maybe I want to write an important message, something I don't think is spam,
but I want to do it anonymously so I go to some other host and try to spoof
the return path address.   Good mail or not.  It's trapped by SPF, it's
rejected.

With your method, while excellent, you are still able to pass undetected spam to
users.  Right?

--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
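
The count-based scheme quoted in this message, sketched as an added example (not code from either poster or from any SPF implementation). The class name, the threshold value and the sample domain are assumptions; how a message is classified as spam is outside the block, and rejecting on "fail" follows the stance in the reply.

```python
from collections import Counter

# "reject_neutral" also rejects softfail, so both count as relaxed results.
RELAXED = {"neutral", "softfail"}


def _norm(domain):
    """Compare domains case-insensitively and without a trailing dot."""
    return domain.lower().rstrip(".")


class RelaxedResultPolicy:
    """Stop honouring relaxed SPF results from domains that keep sending spam."""

    def __init__(self, threshold, reject_neutral=()):
        self.threshold = threshold      # assumed value; the post does not give one
        self.spam_counts = Counter()    # domain -> spams seen with a relaxed result
        self.reject_neutral = {_norm(d) for d in reject_neutral}

    def record_spam(self, domain, spf_result):
        """Call after a message from `domain` has been classified as spam."""
        domain = _norm(domain)
        if spf_result in RELAXED:
            self.spam_counts[domain] += 1
            # "exceeds a threshold": strictly greater than, not equal to.
            if self.spam_counts[domain] > self.threshold:
                self.reject_neutral.add(domain)
        return domain in self.reject_neutral

    def decide(self, domain, spf_result):
        """SMTP-time decision for the MAIL FROM domain and its SPF result."""
        if spf_result == "fail":
            return "reject"
        if spf_result in RELAXED and _norm(domain) in self.reject_neutral:
            return "reject"
        return "accept"


def demo():
    # Seed with one domain from the list in the post; example.net is constructed.
    policy = RelaxedResultPolicy(threshold=2, reject_neutral=["aol.com"])
    for result in ("softfail", "neutral", "pass", "softfail"):
        policy.record_spam("example.net", result)
    return policy.decide("example.net", "neutral")


if __name__ == "__main__":
    print(demo())
```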


