Re: [spf-discuss] Re: advice wrong, or is it?
2007-12-22 06:14:05
Julian Mehnle wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Bill Adragna wrote:
I've been following this for years, and somebody tell me,
what will prevent the spammers from getting a valid SPF record for
themselves, thus blowing up the whole point of the SPF record?
There seems to be a misunderstanding. The point of SPF is not to stop
spam but to stop sender address forgery. If spammers set up SPF records
for their own domains (which is of course what they have been doing for
years), then we can authenticate mails from their domains with confidence
and blacklist their domains. All the better.
If you want to stop spam, please try SpamAssassin or some other anti-spam
solution.
I know you know this Julian, but it needs to be said.
Lets not put SPF down too much, in the act of stopping forgery, a lot of
spam (and virus generated email) that is forgery gets stopped in the
process.
Consider the spammers who forge email as from "good" or common domains.
One cannot block all emails from certain common domains, so we need to
differentiate between the ones that REALLY come from those domains and
ones that do NOT come from those domains but pretend to.
For a simple case that's easy to see, how many of you have received or
still receive spam that claimed to be from someone at your own domain
but didn't (e.g. claimed to come from YOU at your domain).
If you publish the appropriate SPF record, you can swiftly block those
emails, no false positives (The woodenheaded corner case of blind
.forward'ing email not withstanding, since its irrelevant to 99.9999% of
the world)
Terry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHbDT7wL7PKlBZWjsRAvjdAJ9/m7Bd2dCuADw6SJtqWtSiyYcROACeNt8Z
+v7dYdQrpe1xC3y99g/hWKQ=
=f4ot
-----END PGP SIGNATURE-----
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: http://v2.listbox.com/member/?&
Powered by Listbox: http://www.listbox.com
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=78786956-b7ef29
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] Re: advice wrong, or is it?, (continued)
- Message not available
- Re: [spf-discuss] Re: advice wrong, or is it?, Bill Adragna
- Re: [spf-discuss] Re: advice wrong, or is it?, Gino Cerullo
- Re: [spf-discuss] Re: advice wrong, or is it?, Bill Adragna
- Re: [spf-discuss] Re: advice wrong, or is it?, Alex van den Bogaerdt
- [spf-discuss] SPF PASS spam is good (was:: advice wrong, or is it?), Frank Ellermann
- Re: [spf-discuss] Re: advice wrong, or is it?, David Woodhouse
- Re: [spf-discuss] Re: advice wrong, or is it?, Alex van den Bogaerdt
- Re: [spf-discuss] Re: advice wrong, or is it?, Daniel Taylor
- [spf-discuss] Re: Re: advice wrong, or is it?, Frank Ellermann
- [spf-discuss] Re: advice wrong, or is it?, Julian Mehnle
- Re: [spf-discuss] Re: advice wrong, or is it?,
Terry Fielder <=
- RE: [spf-discuss] Re: advice wrong, or is it?, Mark
- [spf-discuss] Re: advice wrong, or is it?, Julian Mehnle
- Message not available
- Re: [spf-discuss] Re: advice wrong, or is it?, Bill Adragna
- [spf-discuss] Re: advice wrong, or is it?, Frank Ellermann
[spf-discuss] Re: advice wrong, or is it?, Frank Ellermann
[spf-discuss] Re: advice wrong, or is it?, Julian Mehnle
|
|
|