Hello all!
Could you tell me if SPF is widely adopted now? Is my understanding
correct, in that if all domains had SPF records set in the DNS fields
this would prevent fraudulent spam. But it would still mean that
spammers could have accurate SPF records for their domains and then send
spam from those domains?
I could also see a potential problem where a spammer has a compromised
machine on a Tiscali ADSL connection, he looks up from his list email
domains which can send email from smtp.tiscali.co.uk and inserts
user(_at_)tiscali(_dot_)co(_dot_)uk in the MAIL FROM field. Would that defeat
the
protection SPF provides?
The only solution to prevent one Tiscali connected machine sending spam
as any Tiscali customer would be their own email server as far as I can
see.. One solution would be to allow specification of something like:
"username:smtp.tiscali.co.uk", which would mean no other Tiscali customer
could fake it.. but this might mean that server would need to check
the DNS before doing Reject 554 on connections from bad usernames.
I bet Spammers will also start signing their spams now, so they get
though any key checking as well. :(
Any responses or explanations appreciated.
Kind regards
Jon
--
WWW: http://jguk.org/
IM: now3d(_at_)jabber(_dot_)org
ICQ: 11122941
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735