spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Can this really be true?

2005-09-22 14:48:43
johnp writes:
Can anyone see anything right about this arrangement - or am I 
blinkered/stupid?

I think you're pursuing the wrong weakness.  When users have to
authenticate to get on the network, what is wrong with the network's
mail relay not requiring a second authentication to send mail?

The one answer I can think of offhand is that the user's system may
have a mail-sending virus.  By scanning all outgoing mail, the
network's mail relay can prevent the virus from propagating itself,
but this won't prevent the virus from sending spam.

For a small network, this is basically a policing issue.  Keep the
network clean and stomp on errant users, and you'll have few
problems.

The real weakness I see is that large networks don't police
themselves.  In particular, much of the spam getting in here is sent
from MSN or Hotmail via hotmail.com mail relays.  It's all
authenticated mail - not authenticated with SMTP AUTH, but
authenticated nonetheless.

--
Dick St.Peters, stpeters(_at_)NetHeaven(_dot_)com 

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com