[Mimedefang] OT but interesting hopefully - Spammers embrace email authentication

Jeff Rife mimedefang at nabs.net
Fri Sep 3 12:59:41 EDT 2004


On 3 Sep 2004 at 9:05, Kelson wrote:

> If it does
> match, you can move on to accreditation (such as "SPF has verified that
> this came from knownspammer.biz, therefore I can safely reject it" or
> "SPF has verified that this came from mybusinesspartner.tld, therefore I
> can accept it with less filtering.")

The second part, I can see.  The first isn't possible due to the fact 
that domains cost basically nothing to buy.  A bad guy can have 50 
domains waiting in the wings, and send SPF-accurate SPAM from each one 
until they start getting caught by rules like you say.  Then, they move 
on to the next domain.  Multiply that by thousands of bad guys, and 
life sucks.

On the other hand, although your second filter is accurate, it's not 
necessary.  All legitimate e-mail gets through right now, and auto-
whitelisting with SpamAssassin gives me the same thing that SPF is 
supposed to: large "non-SPAM" scores for e-mail that comes from people 
I regularly do business with.

BTW, I *have* had e-mail rejected because my SPF record wasn't 100% 
correct (I forgot an alternate name for a listserver).


--
Jeff Rife        | "Grab a shovel...I'm only one skull 
SPAM bait:       |  short of a Mouseketeer reunion." 
AskDOJ at usdoj.gov |  
spam at ftc.gov     |         -- Bender, "Futurama" 
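
Added example, not part of the original post: a simplified SPF evaluation (only the `ip4` and `all` mechanisms) feeding a local reputation policy, to show the three cases discussed in the message above. The domains, addresses, records and the `decide` policy are constructed assumptions, not anyone's real configuration.

```python
import ipaddress

# Constructed SPF records using documentation domains and address ranges.
SPF_RECORDS = {
    "throwaway1.example": "v=spf1 ip4:198.51.100.0/24 -all",
    "throwaway2.example": "v=spf1 ip4:198.51.100.0/24 -all",
    "partner.example": "v=spf1 ip4:192.0.2.10 -all",
    # Owner listed the main MTA but forgot the list server at 203.0.113.25.
    "lists.example": "v=spf1 ip4:203.0.113.5 -all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(domain, client_ip, records=SPF_RECORDS):
    """Evaluate a record left to right; only ip4 and all are supported here."""
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:], strict=False):
            return QUALIFIERS[qualifier]
    return "neutral"


def decide(domain, client_ip, known_bad, known_good):
    """Hypothetical policy: SPF authenticates the domain, local lists add reputation."""
    result = spf_check(domain, client_ip)
    if result == "fail":
        return "reject"
    if result == "pass" and domain in known_bad:
        return "reject"
    if result == "pass" and domain in known_good:
        return "accept-light-filtering"
    # An SPF pass from a domain with no history says nothing about the sender.
    return "full-filtering"
```

A freshly registered domain with a correct record passes SPF and lands in `full-filtering` until it is listed, while the list server missing from its own domain's record is rejected outright.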



