On Fri, Jan 14, 2005 at 10:46:08PM -0500, Dean Anderson wrote: > Unless everyone uses SPF, you cannot reject based on SPF. SPF rejection > creates blockback abuse problems.
Sure you can. If the domain has records published, and a fail occurs, you can reject. You can't reject if there is no record published though. > If you lower your spam checks because of SPF, you will attract spam (and > spammers) to your internet service. This is why spammers are so excited > about SPF. That's why it's an anti-spoofing technique, not an anti-spam technique. If people are using it for anti-spam, then they've obviously not read anything about how it works. > BTW, DNS spoofing requires about 32000 packets, and is quite a bit easier > than say, WEP decryption. It's possible, but since the attack would be per recipient DNS server, spammers are very unlikely to do anything with this. Even if they did though, it just means the mail gets through one level of protection. > SPF is patented by M$. BS. PRA is patented by M$, SPF != PRA. -- Theo Van Dinter, [EMAIL PROTECTED]/[EMAIL PROTECTED] Systems Administrator, bblisa.org/kluge.net
pgp9vXZOy2LBh.pgp
Description: PGP signature
_______________________________________________ bblisa mailing list [email protected] http://www.bblisa.org/mailman/listinfo/bblisa
