On Fri, 27 Jan 2006 22:11:27 +1300 "Craig Whitmore" <lennon(_at_)orcon(_dot_)net(_dot_)nz> wrote:
> > SPF is *NOT* a solution for spam. It might help though as it is meant
> > for validating the origin of the message and a spammer needs to pick a
> > valid source domain.
>
> Yes.. true.. but it seems that a lot of domains have SPF records, but they
> mean nothing really in SPF as they don't protect the domains from being
> phished at all with the ?all

If they publish ?all, you are in a tricky space. To make use of it, I
think you need a 'reputation system'. The specs say that NEUTRAL MUST be
treated just like NONE, so within the scope of SPF, you are right. You'll
need to go beyond that.

I recall that Stuart had a system in which he would reject mail from
commonly forged domains if he got a NEUTRAL SPF result. AOL would be an
example. The downside of this kind of approach is that 'send a friend'
messages may be lost/rejected.

I could imagine including mail from domain in a Bayesian analysis with SPF
PASS mail being a separate token from SPF NEUTRAL. I'd guess that in all
the cases you list, the SPF NEUTRAL token would rapidly acquire a strong
negative value. This would be an approach that is consistent with the SPF
specs, but would keep these messages out. A domain with ?all that was
rarely forged wouldn't suffer.

Scott K
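
The tokenisation suggested in the message above, as an added example that is not part of the original thread or of any SPF implementation: each message contributes one token built from its SPF result and MAIL FROM domain, so PASS and NEUTRAL mail from the same domain are learned separately. The class name, the `.example` domains, the training counts and the Laplace-smoothed per-token formula are all assumptions made for the illustration.

```python
from collections import defaultdict


class SpfTokenFilter:
    """Per-token spam statistics keyed on (SPF result, MAIL FROM domain)."""

    def __init__(self):
        self.counts = defaultdict(lambda: {"spam": 0, "ham": 0})
        self.totals = {"spam": 0, "ham": 0}

    @staticmethod
    def token(spf_result, mail_from):
        # PASS and NEUTRAL for one domain become two distinct tokens.
        domain = mail_from.rsplit("@", 1)[-1].lower()
        return f"spf-{spf_result.lower()}:{domain}"

    def train(self, spf_result, mail_from, is_spam, n=1):
        label = "spam" if is_spam else "ham"
        self.counts[self.token(spf_result, mail_from)][label] += n
        self.totals[label] += n

    def spam_probability(self, spf_result, mail_from):
        """Smoothed P(spam | token); 0.5 (no opinion) for an unseen token."""
        c = self.counts.get(self.token(spf_result, mail_from))
        if c is None:
            return 0.5
        spam_rate = (c["spam"] + 1) / (self.totals["spam"] + 2)
        ham_rate = (c["ham"] + 1) / (self.totals["ham"] + 2)
        return spam_rate / (spam_rate + ham_rate)


def build_demo_filter():
    """Constructed corpus: both domains publish ?all, only one is widely forged."""
    f = SpfTokenFilter()
    f.train("neutral", "a@forged.example", True, 40)   # forgeries
    f.train("neutral", "b@forged.example", False, 2)   # 'send a friend' mail
    f.train("pass", "c@forged.example", False, 30)     # genuine senders
    f.train("neutral", "d@quiet.example", False, 10)   # rarely forged domain
    f.train("none", "e@other.example", True, 5)        # unrelated spam
    return f


if __name__ == "__main__":
    demo = build_demo_filter()
    for result, sender in [("neutral", "x@forged.example"),
                           ("pass", "x@forged.example"),
                           ("neutral", "x@quiet.example"),
                           ("neutral", "x@unseen.example")]:
        print(result, sender, round(demo.spam_probability(result, sender), 3))
```

In a full Bayesian filter this value would be combined with the probabilities of the message's other tokens rather than used as a verdict on its own, which is what leaves room for the occasional legitimate NEUTRAL message to get through.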