spf-discuss
[Top] [All Lists]

Re: [spf-discuss] SPF basics commentary

2007-01-29 10:42:45
On Mon, 29 Jan 2007, Don Lee wrote:

rDNS can therefore be used to detect certain kinds of forgery that
resolving the HELO cannot.

For instance, It is easy for me to set up spamdomain.com -> 1.2.3.4, and
set up SPF so that 1.2.3.4 is OK to send mail.  However, if
rr.com "owns" 1.2.3.4, they may not let me change the
rDNS to "spamdomain.com" - esp. if it's a "pool" IP.

If the spammers owns spamdomain.com, then setting it to 1.2.3.4 is not
forgery.  He is providing a registered name that you can validate.
Forgery and spam are two different issues.  Using the validated name,
you can chalk up spam demerits without fear of harming an innocent party.

Again, I agree that rDNS is a useful input for spam detection.  But
it does *not* add anything over a validated HELO for forgery detection.

I would hope that living in an area without competent broadband providers
does not doom one to be unable to send email - even with proper HELO, SPF,
etc and competent management.  But that seems to be a fading hope.  It may be
that going to IPv6, where everyone can set their own rDNS, is the only way
around that.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735