I have read of may comments by the nay-sayers of SPF of how it would be
possible for spammers to use disposable domains and other such tricks to
achieve their aims and use SPF to their benefit.
Spam policies seem to bless SPF validated domains with lower spam scores
but despite this I have not seen this kind of abuse once in all the
months that I have been running SPF checks on my severs.
That said - something that I am noticing is spammers taking advantage of
very open SPF policies of some domains. Some as bad as +all!
Often the spammers are using completely random local parts on the
mail-from addresses so no one at the offending domain is subjected to
the backscatter produced. The domains involved are often being run by
inexperienced admins - who would not be the type of people to pour over
their server logs.
So my question:
How do we go about both educating the nieve admins as well as
encouraging them to make their records more focused and less prone to abuse?
Blacklisting based on the domain is the first thing that comes to mind -
but I am not convinced that it is an ideal solution. Many of the current
RBL's have continuous problems dictating their policies for 'where the
line is drawn' and then trying to implement that without making both
senders and receivers of mail rather annoyed.
--
Graham Beneke
Apolix Internet Services
E-Mail/MSN/Jabber: graham(_at_)apolix(_dot_)co(_dot_)za
<mailto:graham(_at_)apolix(_dot_)co(_dot_)za>
Cell: 082-432-1873 <callto://+27824321873>
Skype: grbeneke <callto://grbeneke>
WEB: www.apolix.co.za <http://www.apolix.co.za/>
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735