Mark Jeftovic wrote:
Can anybody post a link to Suresh's follow-up? I'd like to
read it.
http://www.zdnet.co.uk/talkback/?PROCESS=show&ID=20049704&AT=39228023-39020375t-10000025c
<http://www.circleid.com/article.php?id=1039_0_1_0_C/> is his
real story, but it's old (2005-04), already discussed here.
The person talking about SPF and mail worms appears to be
clueless. If mail worms would start to use the smart host of
the zombie (like SWEN did it), it's a major step forward. And
if they "only" avoid to forge FAIL-protected addresses it would
be very good news for everybody who was hit by the blowback and
now has a FAIL-protected address.
Actually I don't think that Mr. Fitzgerald's premise is correct,
worm authors have more pressing needs than to consider SPF FAIL,
unlike spammers. But if they would do it it would be of course
good and not bad. Abuse reports about SWEN were generally simple.
Or as Wayne put it in his reply:
| The world would be a much better place if all spammers and
| phishers did exactly what Fitzgerald suggests. It would mean
| a large reduction in the amount of bounced spam going to the
| wrong person and having people blame you just because your
| email address was forged.
Bye, Frank
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com