Based on my own log files, fully 75% of spam comes from "unknown" and I fail to see how SPF records will affect this, as opposed to the rule of REJECT_UNKNOWN_SENDER.
====================================== Our Anti-spam solution works!! http://www.clickdoug.com/mailfilter.cfm For hosting solutions http://www.clickdoug.com http://www.forta.com/cf/isp/isp.cfm?isp_id=1069 ====================================== ----- Original Message ----- From: "Bud Durland" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, August 09, 2004 8:44 AM Subject: Re: [IMail Forum] SPF Impacts to ISPs : Glenn Smith wrote: : : >Someone's just pointed me to http://spf.pobox.com/ which looks like there could be a whole load of impacts to ISPs. : > : >Has anyone really looked in to this and found anything useful out? From our perspective, we only send email out from our server for our domains, so not a huge issue to add them, although a real pain. : > : >But if you think about someone offering dialup, and they have users sending email with the from address as a personally registered domain rather than the ISPs through the ISP mail server it would stop working. : > : > : > : : From what I've seen, SPF is much more useful as a "fail" test than as a : "pass" test. When you set up SPF, in effect you are saying : "Legitimately sent email that claims to be from my domain(s) will come : from these IP addresses". The most obvious "fail" scenario is the : spammer sending mail via a zombie computer on a broadband connection, : with a forged return address of "[EMAIL PROTECTED]". Presuming Yahoo : has SPF set up, the receiving mail server or client has a mechanism to : check (and cast doubt) on the message. So, as an ISP, the benefit to : you with SPF is additional verification of an e-mail's legitimacy. : : On the other hand, many major spam houses were quick to add SPF to their : won domains. They did this because at first, many people were : incorrectly presuming that if an incoiming message passed SPF, it : probably wasn't spam. This is not true; passing SPF simply means that : the return address in the e-mail probably does belong to the same domain : as the host sending it. : : We use Delcude Junkmail here. I add a small amount of weight to : messages that fail SPF, and neither penalize or reward messages that : pass SPF or don't have SPF set up at all. : : -- : --------------------------------------------------------------------- : "Good is better than Evil because it's nicer" : -- Mammy Yokum : --------------------------------------------------------------------- : Bud Durland, CNE Mold-Rite Plastics : Network Administrator http://www.mrpcap.com : --------------------------------------------------------------------- : : --- : [This E-mail scanned for viruses by Declude Virus / Sophos AV] : : : To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html : List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ : Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ : : To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
