On Thu, 21 Jul 2005 09:49:40 +1200 "Craig Whitmore"
<lennon(_at_)orcon(_dot_)net(_dot_)nz> wrote:
Something which will help ALOT with spam is rejecting the HELO of the ip
address and name of your own mail server
This will stop _A LOT_ more spam/virus traffic than SPF does. (it can drop
spam coming into your system by over 50%)
SPF also stops those very same HELO forgeries, plus many more. In fact,
that is the point of SPF, but extended to general domains and MAIL FROM.
However, the simple comparison against your own MTA name is much cheaper than a
full SPF check, and I do that too for efficiencies sake - I think of it
as an optimization.
BTW, the libspf2 C library has a lot of neat optimizations, including
"compiling" SPF records to ip4 mechanisms and storing them that way
in the cache. For applications requiring raw speed, that is the
way to go.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.