On Sat, 7 Apr 2007, Frank Ellermann wrote:
If forwarders don't reject SPF FAIL and keep the forged mail from as
is they are by definition spam supporters, and the next hop better
rejects this crap. One of us needs more coffee, is it again me ?
Big ISPs don't have the luxury, but I simply only use forwarders that
properly authenticate (mainly because I run the forwarders :-).
However, there are "forwarders" on my list for braindead web service
companies that forge someone elses MAIL FROM. Since they don't forward,
but only send alerts, they are not relaying spam, and I just pretend they are
actually "forwarding".
For a big ISP, the list of trusted forwarders is *per user*. So if the
user picks a braindead forwarder, the forged spam goes in their mailbox. I
see a large dark problem wrt educating users about the cause and effect
relationship. Somehow they need to understand that their forwarding
choices affect the forged spam they receive.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735