Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-13 13:29:33
Ian Eiloart wrote:
--On 13 October 2009 13:39:44 +0200 Alessandro Vesely <vesely(_at_)tana(_dot_)it>
wrote:
David MacQuigg wrote:
Ian Eiloart wrote:
If SPF fails, then look for a DKIM signature. If you get a good one,
you're likely seeing traditional forwarding.
Or forwarding by a crook. What prevents a spammer from sending a
billion ads for Viagra, all with a valid DKIM signature from a
reputable
domain? All it takes is one signed message. The rest can be copies,
"forwarded" via a botnet.
Nothing prevents that, but the only purpose it would serve would be to
harm the reputation of the original signer, or to increase the income
of the original signer. The spammer could derive no benefit, since the
advert would not route the buyer through the spammer's reward system.
Most of the spam hitting my receiver at box67.com does not depend on a
reply to a verified address. The spammer or phisher benefits when you
click on a link, or buy a stock, or change your thinking on a political
issue.
As for the reputation of the original signer, it won't suffer much.
Most receivers have enough common sense to not blame Yahoo for one spam
slipping past their filters. Lowering Yahoo's reputation would only
harm the receiver's filtering process.
Now, let's get more specific. Suppose the original message were sent
from a gmail account set up for the purpose. You're proposing this
mechanism to route around rate-limiting, or other bulk mail detectors
on the gmail server. That's fine, it'll do that. And who's reputation
suffers? Not gmail's, but the sender address. With a sufficiently
responsive reputation infrastructure, the sender address will quickly
acquire poor reputation.
Most spam is transmitted by zombies in a botnet. Gmail is an
exception. Their reputation is suffering, because the spam is coming
directly from their authorized transmitters.
Nobody would be daft enough to assign anything but neutral reputation
to the gmail.com domain, would they?
The domain associate with their transmitters is actually google.com, and
our rating has varied from B to C. C is "unknown" or "neutral" to use
your terminology. We have never assigned a rating lower than C, because
spammers never stick with one name long enough to acquire a "bad"
reputation.
-- Dave
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/
[http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] SPF, DKIM, and NIH, (continued)
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Hector Santos
- Re: [spf-discuss] SPF, DKIM, and NIH, Hector Santos
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Hector Santos
- Re: [spf-discuss] SPF, DKIM, and NIH,
David MacQuigg <=
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Sanford Whiteman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
|
Previous by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Next by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, Stuart D. Gathman |
Previous by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Hector Santos |
Next by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|