[Mimedefang] Deadline for SPF records
Matthew.van.Eerde at hbinc.com
Matthew.van.Eerde at hbinc.com
Mon Aug 9 19:12:57 EDT 2004
Les Mikesell wrote:
> On Mon, 2004-08-09 at 15:54, Kelson Vibber wrote:
>> At 01:17 PM 8/9/2004, Les Mikesell wrote:
>>> So SPF is going to be painful until everyone uses it and then
>>> it still won't solve the real problem.
>>
>> Floods of invalid bounces from forged addresses aren't a problem?
>
> It's not the first thing that comes to mind when I think
> of email problems.
I agree that invalid bounces from forged addresses aren't really a blip
on the scale of email problems. Also they can easily be solved using
existing technology - just have every organization push their "valid
user" list to the mail servers on their network boundary. Then the mail
will be rejected at RCPT TO time, with no undeliverable message
generated. (The ratware and spamware won't generate an undeliverable
message when faced with a 550 No such user.)
> Even if it were, I'd want to solve it
> for the entire address, not just the domain portion. Can't
> someone still forge the user name as long as the domain
> name is correct for the originating IP address or will that
> take yet another change in all MTA's to enforce before this one is
> very useful?
Huh? No. For someone to forge the username, they'd have to be in the
list of SPF-authenticated senders, in which case it's not really
forgery.
Matthew.van.Eerde at hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2905 bytes
Desc: not available
URL: <https://lists.mimedefang.org/pipermail/mimedefang_lists.mimedefang.org/attachments/20040809/b1911b0f/attachment.bin>
More information about the MIMEDefang
mailing list