Thanks for the input, Scott.

I'm not suggesting using this any time SPF passes, just for specific
domains, Facebook in particular.  Obviously, we can't just allow SPF
passes, or else all spammers would just set up their own domain, set
SPF, and be golden.

How are spammers spoofing the SPF?

Aren't we only comparing the IP that's hitting our and then checking
the SPF record in DNS for that domain to ensure that it's an allowable
sending IP?

To spoof this, wouldn't the spammer need to modify the DNS record???
I must be missing something.

Thanks

On Tue, Jan 19, 2010 at 2:32 PM, Scott Haneda <[email protected]> wrote:
> Facebook is in and out of spamcop all the time. Whitelist them.
>
> I caution you on your SPF ideas as it is possible for spammers to
> spoof SPF, and we are seeing it more often.
>
> I like SPF as a weighted idea, and spamcop too. Spamcop is one DNSBL
> you cannot just block / accept on unless you have solid DNS
> whitelists in place.
>
> --
> Scott
> (Sent from a mobile device)
>
> On Jan 19, 2010, at 7:48 AM, K Post <[email protected]> wrote:
>
>> just noticed one of the facebook messages being blocked:
>> DNSBL, 69.63.178.178 listed in bl.spamcop.net
>>
>> so it's not even a bayesian error...

_______________________________________________
Assp-test mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-test
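
The check discussed in the message above, as an added example that is not part of the original thread and not ASSP's own code: the connecting IP is matched against the SPF record of the envelope sender's domain, and a DNSBL hit is overridden only when that domain is on a per-domain allowlist and SPF passes. The SPF records, the allowlist and the function names are constructed for illustration (the records are not the domains' real published ones), and only the ip4/ip6/all mechanisms are evaluated so that it runs without DNS.

```python
import ipaddress

# Constructed SPF records for illustration; NOT the domains' real published records.
SPF_RECORDS = {
    "facebook.com": "v=spf1 ip4:69.63.176.0/20 -all",
    "spammer.example": "v=spf1 ip4:203.0.113.0/24 -all",
}
# Hypothetical per-domain allowlist: an SPF pass is trusted only for these domains.
SPF_ALLOWLIST = {"facebook.com"}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_result(client_ip, mail_from_domain):
    """Match the connecting IP against the envelope (MAIL FROM) domain's record."""
    record = SPF_RECORDS.get(mail_from_domain.lower())
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        # a, mx, include, ... need DNS lookups and are not evaluated here.
    return "neutral"


def decide(client_ip, mail_from_domain, dnsbl_listed):
    """Override a DNSBL hit only for an allowlisted domain whose SPF check passes."""
    result = spf_result(client_ip, mail_from_domain)
    if mail_from_domain.lower() in SPF_ALLOWLIST and result == "pass":
        return "accept"
    if dnsbl_listed:
        return "block"
    return "continue"  # hand the message to the remaining filters


if __name__ == "__main__":
    print(decide("69.63.178.178", "facebook.com", True))   # allowlisted domain, SPF pass
    print(decide("203.0.113.7", "spammer.example", True))  # SPF pass, domain not allowlisted
    print(decide("198.51.100.9", "facebook.com", True))    # domain claimed from another IP
```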