Re: [spf-discuss] SPF, DKIM, and NIH

Stuart D. Gathman wrote:
> On Fri, 16 Oct 2009, David MacQuigg wrote:
>
>   
> > > Absolutely, but you want to check the DKIM signature before applying the
> > > whitelist. Otherwise, every whitelist entry is an invitation to spam.
> > >       
> > I've never seen it happen.  A spammer would have to know both addresses
> > exactly.  If an individual recipient whitelists an individual sender, we pass
> > it straight through, without SPF, DKIM, SpamAssassin, or anything else that
> > might cause a false reject.
> >     
> We get lots of forgeries of whitelisted addresses.  If such a sender doesn't
> provide an SPF record, I guess one and add it to a DNS zone used for the
> purpose.
>
> How do the spammers know?  Well, as soon as they infect a PC, they
> get all the addresses from the M$ AddressBook and phone home.  Even
> after the PC is cleaned or reinstalled, other zombies all over the world
> continue to spew forth forged email from emails of OutLook accounts to 
> emails in the AddressBook.
>   
Ah, good point.  I've gotten one of those myself, sent from a neighbor's 
computer, an ad for a male enhancement product.  I called her - "Connie, 
are you trying to tell me something?" :>)  She didn't think it was 
funny. :>(
Seriously, though, I can't see changing our setup.  This is a tiny 
fraction of the spam hitting our receiver.  The best way to deal with it 
is let the recipient call his/her correspondent, and get them to stop 
putting their real address in chain letters.
-- Dave



-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ 
[http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com