On Oct 16, 2008, at 9:38 AM, RW wrote:
SPF increases the probability of spam being rejected at the smtp
level at MX servers, so my expectation would be that it would exacerbate
backscatter not improve it.

The main problem resulting in backscatter happens when forged spam from yourdomain.com get gets sent to a legit MX server which accepts the mail initially, and then generates a bounce due to later spam checking or failed delivery to an invalid user. The bounces which then get generated by the legit MX are likely to pass spam checking at yourdomain.com.

Many people recommend SPF for backscatter, but I've yet to hear a cogent argument for why it helps beyond the very optimistic hope that spammers
will check that their spam is spf compliant.

SPF doesn't provide a magic solution to backscatter, but it helps simplify the problem.

If spam can be rejected during the SMTP phase rather than accepted, then most spam-spewing malware simply drops the attempted message rather than actually send a bounce to yourdomain.com. After all, the spammer is looking to deliver spam to lots of different mailboxes, not deliver tons of DSNs to a single mailbox or domain. Failing that, however, any bounces which are being generated are coming from or at least closer to the source of the spam, rather than coming from gmail, hotmail, etc. And if the spamming machine is forging your domain, then yourdomain.com MX boxes have a decent shot of rejecting the forgeries via hello_checks, RBLs, or other methods.


freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to