On Sat, 24 Feb 2007, bill ries-knight wrote:
Reputation is of no use as it is now. The point is SPF is domain based
It is extremely useful to me and my clients now. Applying domain based
reputation halves the size of the quarantines. Roughly, of the 11000
emails arriving each day just at the server for our 5 person company,
all but 300 are rejected for lack of any kind of validated domain (rDNS,
HELO, SPF, and guessed SPF are currently accepted). Big win right from
the start. 100 more are rejected due to bad reputation of their
validated domain. 100 are quarantined, and 100 are delivered - nearly
100% spam free.
We could then determine that everything coming in as spam from the
domain or the IP block as belonging to Alpha Mail. Next time any of
those three appears in an SPF header it could be blocked. Unless I
have missed something, we do not identify Alpha Mail in any form or
fashion.
You have missed something. There is no "mailer" in SMTP envelope (rfc2821).
DKIM provides one in rfc2822. And S/MIME and PGP/MIME identify the author.
SPF is not supposed to be the only authentication system in town. It is the
front line defence. It allows you to reject most spam based on domain
reputation before having to receive the entire message. Then you can validate
DKIM and PGP/S/MIME, and run the DKIM "mailer" and PGP/S/MIME author through
your bozo filter.
But domain reputation is currently so effective, the next levels aren't
worth doing for me.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735