[Mimedefang] SPF Usefulness (was Re: SNARE spam detection)
David F. Skoll
dfs at roaringpenguin.com
Wed Jul 29 17:07:49 EDT 2009
Paul Murphy wrote:
> Proper implementation of SPF or a similar system across all mail domains
> would cut spamming by 99% overnight,
No, it wouldn't.
Spammers would publish SPF records for their throwaway domains. We
already see this quite a bit.
> and would remove almost all of the risk from phishing mails.
Not really. SPF applies to envelope senders; people's mail clients
show the header senders. So you can have MAIL FROM:<spammer at throwaway.net>
and From: <servce at intl.paypal.com> with an SPF pass. :-(
More information about the MIMEDefang