[Mimedefang] Re: What to do about bounced forgeries?
Kevin A. McGrail
kmcgrail at pccc.com
Mon Dec 22 17:28:29 EST 2003
> It looks like this shouldn't be an issue. If a spammer posts an SPF
record
> for his domain, all it means is that they have to use the servers they
> listed to send their spam - and that you know for sure who sent
> it! Existing RBLs and filtering methods should do the job.
>
> From what I've read, the idea isn't to directly identify spam/ham so much
> as it is to identify forgeries, making it easier for *other* tools to
> identify spam (and saving innocent bystanders from getting misdirected
> complaints and bounces).
>
> After all, if you get SPF-conformant mail from yahoo.com, it could still
be
> a spammer with a throwaway Yahoo account. But they won't be able to just
> *forge* a Yahoo address anymore, so they'll have to either use their own
> domain or go to the effort of signing up at Yahoo and getting kicked off
as
> soon as they get reported.
Makes sense. Thanks for the explanation.
KAM
More information about the MIMEDefang
mailing list