-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Seth Goodman wrote:
If you apply reputation to the domain of each query that gives SPF pass,
it probably doesn't matter which identities you queried. If the
distinction between originating spam and forwarding it proved useful
(doubtful), you could maintain two separate reputation lists.
I disagree. I don't think you can apply the same pool of reputation to
both HELO- and MAILFROM-authenticated identities. Of a given HELO
identity (e.g., mta.example.com), only 1% of the mail sent may be spam,
but of a given MAIL FROM identity (e.g.,
(_dot_)(_dot_)(_dot_)(_at_)example(_dot_)com), 100% of the
mail sent may be spam, even if it is sent from the same mta.example.com!
mta.example.com might send non-spam mail for other domains, too.
The concepts of "originating" and "forwarding" don't necessarily play into
this.
Apart from that, I'd of course agree that any distinction between
originating and forwarding spam is effectively meaningless. (Otherwise
every spammer could just claim to be "forwarding" their spam, and there
would be no way to disprove them.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFFpqHTwL7PKlBZWjsRApC6AKDtmiKlF8sBGHa/zNgR4tMmlUMlpgCg9ySf
B6dff4jPNXXAd6bJxrWpHLE=
=k+5o
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735