Graham Beneke wrote:
Spam policies seem to bless SPF validated domains with lower spam
scores but despite this I have not seen this kind of abuse once
in all the months that I have been running SPF checks on my severs.
Sooner or later it will happen. A radical idea would be to rename
FAIL to REJECT (please), and PASS to MAY BOUNCE (if necessary), but
of course it's too late for this, and it won't work for HELO PASS,
let alone for the useless (if from an unknown stranger) PRA PASS.
So my question:
How do we go about both educating the nieve admins as well as
encouraging them to make their records more focused and less prone
to abuse?
Maybe policy validators could determine how many IPs (in percent of
the IPv4 space) are permitted by a policy, and flag anything with
more than 1% as "probably too broad to be really useful".
Blacklisting based on the domain is the first thing that comes to
mind - but I am not convinced that it is an ideal solution.
Nor me, spammers have almost endless resources of disposable domains.
I've no idea what to do with a case like bell.ca, "write to their
postmaster" sounds silly.
Frank
bell.ca text = "v=spf1 mx ip4:198.235.69.10 ip4:198.235.69.45
ip4:198.235.69.46 ip4:206.47.0.168 ip4:206.47.0.173
ip4:206.47.0.177 ip4:207.236.237.0/25 ip4:67.70.214.43
ip4:216.18.99.22 ip4:69.156.197.234 ip4:66.241.131.163 +all"
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735