[Mimedefang] SPF Usefulness (was Re: SNARE spam detection)

David F. Skoll dfs at roaringpenguin.com
Wed Jul 29 17:07:49 EDT 2009


Paul Murphy wrote:

> Proper implementation of SPF or a similar system across all mail domains
> would cut spamming by 99% overnight,

No, it wouldn't.

Spammers would publish SPF records for their throwaway domains.  We
already see this quite a bit.

> and would remove almost all of the risk from phishing mails.

Not really.  SPF applies to envelope senders; people's mail clients
show the header senders.  So you can have MAIL FROM:<spammer at throwaway.net>
and From: <servce at intl.paypal.com> with an SPF pass. :-(

Regards,

David.



More information about the MIMEDefang mailing list