Re: [spf-discuss] SPF, DKIM, and NIH
2009-10-16 18:15:33
On Fri, 16 Oct 2009, David MacQuigg wrote:
Absolutely, but you want to check the DKIM signature before applying the
whitelist. Otherwise, every whitelist entry is an invitation to spam.
I've never seen it happen. A spammer would have to know both addresses
exactly. If an individual recipient whitelists an individual sender, we pass
it straight through, without SPF, DKIM, SpamAssassin, or anything else that
might cause a false reject.
We get lots of forgeries of whitelisted addresses. If such a sender doesn't
provide an SPF record, I guess one and add it to a DNS zone used for the
purpose.
How do the spammers know? Well, as soon as they infect a PC, they
get all the addresses from the M$ AddressBook and phone home. Even
after the PC is cleaned or reinstalled, other zombies all over the world
continue to spew forth forged email from emails of OutLook accounts to
emails in the AddressBook.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/
[http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [spf-discuss] SPF, DKIM, and NIH, (continued)
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH,
Stuart D. Gathman <=
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Sanford Whiteman
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg
- Re: [spf-discuss] SPF, DKIM, and NIH, Ian Eiloart
- Spear Phishing (was: [spf-discuss] SPF, DKIM, and NIH), Steven Dorst
- Re: Spear Phishing (was: [spf-discuss] SPF, DKIM, and NIH), Stuart D. Gathman
- RE: Spear Phishing (was: [spf-discuss] SPF, DKIM, and NIH), Steven Dorst
- [spf-discuss] Tracking userids --was: SPF, DKIM, and NIH, Alessandro Vesely
|
Previous by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg |
Next by Date: |
Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg |
Previous by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg |
Next by Thread: |
Re: [spf-discuss] SPF, DKIM, and NIH, David MacQuigg |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|