spf-discuss

Re: [spf-discuss] Re: Revising FAIL

2008-01-09 03:29:57
On Tue, 8 Jan 2008, Frank Ellermann wrote:
> As long as spammers must fear that SPF FAIL never makes it they
> can't abuse FAIL protected addresses anywhere.  With your proposal
> they could abuse SPF FAIL protected addresses at all receivers not
> rejecting FAIL outright.

That's a silly reason not to reject on fail.  Since post-transactionally
bouncing mail because of SPF Fail is daft, such mail would have to be
blackholed.  Some mail in that stream might just be unknown traditional
forwards.

Also, I don't think it would work as you intend.

A dumb spammer-customer would pay for each message that gets through the
initial transaction -- that gets a 250 after CR LF '.' CR LF.
Accepting-then-blackholing would make the spam run more profitable for the
spammer.

A smarter spammer-customer would place web bugs in his messages, or put ids
in the "click here to buy" URLs, and then pay the spammer per *read* message.
(Yeah, smart people are immune to web bugs, but they don't buy spammed
merchandise either, so the spammer-customer won't pay to reach them.)
Accepting-then-blackholing is no different than rejecting upfront, to them.


That said, I believe making reject-on-SPF-fail a MUST is a bad idea, since
that would mean no sender would be entitled to use "-all" unless he is
CERTAIN that he never sends mail to a traditionally forwarded mailbox.  If
senders eschewed "-all" for that reason, the distinction between a domain
where all users use trusted smarthosts, and one where trusted smarthosts are
available but not everyone reliably uses them, would be lost in SPF.

And recipients who have whitelisted all forwarders are very interested to
make that distinction.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
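
A receiver-side sketch of the policy discussed in the message above, as an added example that is not part of the original post: known forwarders are exempted, and an SPF FAIL from anyone else is answered inside the SMTP transaction rather than accepted and then bounced or blackholed. The function names, the `whitelist_complete` switch, the scoring fallback and the forwarder networks are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data: forwarder networks this receiver has whitelisted
# (documentation address ranges, not real forwarders).
TRUSTED_FORWARDERS = [ipaddress.ip_network(n)
                      for n in ("192.0.2.0/28", "2001:db8:f0::/48")]


def is_trusted_forwarder(client_ip):
    """True if the connecting host is one of the whitelisted forwarders."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in TRUSTED_FORWARDERS)


def mail_from_decision(client_ip, spf_result, whitelist_complete=True):
    """Choose the reply to MAIL FROM from an already-computed SPF result.

    Every outcome is delivered inside the SMTP transaction, so a FAIL is
    never accepted and then bounced or silently dropped.
    Returns (smtp_code, note).
    """
    if is_trusted_forwarder(client_ip):
        # A traditional forward keeps the original envelope sender, so the
        # forwarder's address would fail the sender's "-all" record.
        return 250, "accepted: trusted forwarder, SPF not applied"
    if spf_result == "fail":
        if whitelist_complete:
            # All forwarders are whitelisted, so a FAIL from any other
            # host is not a traditional forward: reject up front.
            return 550, "rejected: SPF fail"
        # Assumed local policy: an unknown forwarder is still possible,
        # so accept and leave the verdict to later filtering.
        return 250, "accepted: SPF fail recorded for scoring"
    if spf_result == "softfail":
        return 250, "accepted: SPF softfail recorded for scoring"
    return 250, "accepted"
```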
