spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Forwading/Redirecting: The problem as I see it....

2005-07-08 08:57:51
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stuart D. Gathman wrote:

An SPF pass is useful for whitelisting.  You can already blacklist
a domain without regard to forgery, [...]


No, you can't.  If I started sending out spam using 
(_dot_)(_dot_)(_dot_)(_at_)debian(_dot_)org as the 
envelope sender, would you blacklist debian.org?

As soon as you have collected hard evidence that mail _genuinely_ claiming 
to come from debian.org justifies a bad reputation for that domain, only 
then can you go on to blacklisting any mail whatsoever claiming to come 
from debian.org, genuinely or not, without checking its sender address 
authenticity.  But you can collect hard evidence only based on authentica- 
ted sender addresses.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCzqJ/wL7PKlBZWjsRAvL5AJ0XpOwxaCRVBwb6Jmhgh30AXr1vFQCcDrXN
02D1Hs7buwaEaQ7EHuF3cMg=
=OCzI
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Forwading/Redirecting: The problem as I see it...., Julian Mehnle
Next by Date:  Re: Explain please, Stuart D. Gathman
Previous by Thread:  RE: Forwading/Redirecting: The problem as I see it...., Stuart D. Gathman
Next by Thread:  Re: Forwading/Redirecting: The problem as I see it...., Stuart D. Gathman
Indexes:  [Date] [Thread] [Top] [All Lists]