On Mon, 29 Jan 2007, Seth Goodman wrote:
Stuart D. Gathman wrote on Monday, January 29, 2007 12:04 PM -0600:
No, I found that the *domain* was legitimate and not forged. That is
all I'm claiming. The domain in your example was not forged, and
can safely be credited with spam demerits and blocked shortly
thereafter.
That misses the point, which is to reject mail from hosts that are not
legitimate. You can properly say that SPF is about domain forgery and
nothing more, and I will point out that if it results in accepting more
spam, recipients wont use it. If mail comes from an IP that isn't
I repeat, as others have done ad infinitum:
SPF IS NOT ABOUT SPAM. SPF IS ABOUT DOMAIN FORGERY.
I'm sure your spam control techniques are all very nice, and all that,
but here on the SPF list, we are working on DOMAIN FORGERY, which
really has nothing directly to do with spam. It is tangentially
related to spam in that it allows you to attach reputation to
domains that you see in SMTP envelope and reject them before data.
controlled by the domain claiming responsibility, I don't want it
because it most likely is not legitimate. You can always whitelist
specific IP's that can't get PTR delegation. If you live in a place
You are using "legitimate" to mean "non-spam". I am using it to
mean "not forged", because that is the meaning that is appropriate
for SPF mailing lists. This is not a spam list. It is an SPF list
where we try to control domain dorgery.
The whole point of SPF is to be able to whitelist domains NOT IPs.
You say, "whitelist an IP", but then how are you going to track
changes? Do they have to call you up and tell you everytime their
mail server gets a new IP? Hey! Maybe they could publish a record
in DNS that tells what their current IPs are so you can whitelist them
automatically! Cool idea! You could put the info in a TXT record for
starters, then apply to IANA for an official DNS type...
where a lot of legitimate domains send mail from IP's that don't list
the domain in a PTR, then you shouldn't reject mail for lack of PTR
agreement. However, in many places, lack of PTR agreement has low
enough false positive rate to be a useful spam indicator. I can only
see this trend increasing.
Again, this mailing list is about domain forgery (and SMTP envelope
domain forgery, at that), not spam. So that is why we are talking past each
other. PTR agreement may indeed be a useful "spam indicator", but it is *NOT*
a useful domain forgery indicator.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735