On Sat, 7 Nov 2009 21:25:17 +0100 Wojciech Scigala
<libspf2(_dot_)org(_at_)wojtus(_dot_)net>
wrote:
On Sat, Nov 07, 2009 at 02:55:30PM -0500, Scott Kitterman wrote:
I think you should take note of such domains and mark all mail from them
as
bad. This should be done at the application level, not in the library.
It's a good thing the spammers are telling you about a bad domain.
Well, I don't think that's a good approach. Firstly, that would need
a double, independent checking of SPF record (by libspf and
application). Secondly, numbers of these domains are hard to
estimate and maybe it would need a RBL-like solution.
Also, keep in mind that a spammer does not need to have any access
to the domain to abuse it's wrong SPF code.
True, but it takes DNS access to publish such a record, so that's probably
good enough for me.
Scott K
-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/
[http://www.listbox.com/member/]
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com