spf-discuss
[Top] [All Lists]

Re: [spf-discuss] The spammers are using +all

2007-09-05 21:06:56
On Wednesday 05 September 2007 23:56, Troy Fuqua wrote:
The spammers are registering mail domains and setting  +all  SPF records.
Then the bots can push the spam through.

oh noes.

why was +all allowed to be in there?

Why would you accept mail just because it has an SPF Pass.  All SPF Pass means 
is that the domain owner authorized the server to send mail.  It says nothing 
about if the mail is spam or not.  SPF Pass can give you a useful name to use 
for name based whitelisting.  

The converse, however, mail that fails SPF does tend to have a pretty strong 
correlation with SPAM.

+all was allowed because there's no point in not allowing it.  It is easy 
enough to craft an SPF record that matches the entire internet, but does not 
obviously do so.  Removing +all would have created a special case that would 
have made programming SPF libraries more complex and provided no actual 
benifit.

Scott K

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com