On 14/05/2009, Dave Lugo <[email protected]> wrote: > On Thu, 14 May 2009, David Saez Padros wrote: > > > > If you read the arguments against callout it says that callouts are > > a broken technique but that's not true (at most a deficient > > implementation of sender callout could be broken) and the problem > > he has is not about sender callouts is about people forging his > > domain, which he can prevent by publishing spf records. Same for > > As a datapoint: > > I've seen spammers disregard SPF, and send a few hundred K > items/day that are forged.
SPF doesn't stop someone sending forgeries, it enables a 3rd party to opt not to receive them, and especially, not to bounce them to the forged sender. A smart spammer might inspect the SPF records of a domain he was about to forge and not forge a domain that is SPF-protected, though. Even more reason to SPF-protect your domain. Peter -- Peter Bowyer Email: [email protected] Follow me on Twitter: twitter.com/peeebeee -- ## List details at http://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
