> ...there are also issues with zombies relaying E-mail through
> legitimate mail hosts, and this could become a much bigger problem
> (I expect it to).
If they can't send from their subscriber IPs anymore due to SPF,
they'll first try sending through the provider's relays. And despite
some people's claims to the contrary, ISPs don't know any more about
mail architecture than corporate administrators (I have often used
this as an argument against the "collateral damagers" who think that
"send through your upstream" is a no-brainer and don't realize that a
complete change of provider is often called for).
As a result, already-shoddy systems (in some major cases) could be
brought to their knees as a result of 100x increases in traffic, even
leaving aside the blacklisting. So they either have to spend $$$ in
capital investments and redesign, or kick the scum off their networks,
tracing them easily by rate and IP. If they're in crisis mode, the
latter is going to be a lot easier.
Sure, then the spammers go to friendlier networks where the networks
are built for their spew, and where SPF poses no restriction. And we
block them by Class C when we can. And in addition--nobody's saying
this won't still be a constant problem--they'll keep using proxies and
relays that don't belong to them, using cracked machines for their
spam worms, etc.
> Am I missing something here? Could SPF not only be ill advised, but
> also detrimental as a whole? Inquiring minds want to know.
I can't imagine how it could be detrimental in any way. The worst it
could be ineffective due to lack of adoption: for example, a big
provider that says it can't afford to use SPF and continues to let
their subscribers send direct will have to be...intimidated...in other
ways.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
