On Mon, 13 Nov 2006 15:14:26 +0000 Julian Mehnle <julian(_at_)mehnle(_dot_)net>
wrote:
Jon Grant wrote:
If a zombie PC can send email via the tiscali.co.uk single authorised
server: smtp.tiscali.co.uk, without that ISP checking which users are
authorised from which of their customer IP addresses then I could still
suffer bounces from zombie PC which also had an ADSL connection with
Tiscali.
That spam sent by the zombie will be received by some spam victim's mail
server. If that mail server does an SPF check and your domain (!=
tiscali.co.uk) has an SPF record that does NOT authorize the Tiscali mail
server to send mail using your domain, then you will NOT get a bounce for
that spam and SPF has done its job.
And if, as in your example, Tiscali does not keep junk from going out
through their MTA, it's time to start thinking about maybe using a
different provider. It is difficult to keep outbound relays clean, but not
impossible. It may be beyond some mass providers to pull it off.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735