spf-discuss
[Top] [All Lists]

Re: [spf-discuss] limit ip-range for "pass" elements

2009-11-07 15:35:07
On Sat, 7 Nov 2009 21:25:17 +0100 Wojciech Scigala 
<libspf2(_dot_)org(_at_)wojtus(_dot_)net> 
wrote:
On Sat, Nov 07, 2009 at 02:55:30PM -0500, Scott Kitterman wrote:

I think you should take note of such domains and mark all mail from them 
as 
bad.  This should be done at the application level, not in the library.

It's a good thing the spammers are telling you about a bad domain.
Well, I don't think that's a good approach. Firstly, that would need
a double, independent checking of SPF record (by libspf and
application). Secondly, numbers of these domains are hard to
estimate and maybe it would need a RBL-like solution.

Also, keep in mind that a spammer does not need to have any access
to the domain to abuse it's wrong SPF code.

True, but it takes DNS access to publish such a record, so that's probably 
good enough for me.

Scott K


-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ 
[http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com

<Prev in Thread] Current Thread [Next in Thread>