On 06/09/07, Troy Fuqua <troy(_at_)visiblepulse(_dot_)com> wrote:
The spammers are registering mail domains and setting +all SPF records.
Then the bots can push the spam through.
oh noes.
why was +all allowed to be in there?
So you can be sure that the mail you're receiving is authorised by the
domain that's sending it. Same as all the other mechanisms.
The question you should be asking is why you trust mail that is
authorised by bigspammer.com. The simple fact of an SPF PASS is only
really useful when used in conjunction with a reputation system based
on domain (check out www.karmasphere.com for one such), or simply on
whether you want to receive the mail (a local whitelist).
--
Peter Bowyer
Email: peter(_at_)bowyer(_dot_)org
-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com