I run a mail gateway. It is a pain these days. Many people find it easier to outsource email to experts. You have to constantly keep up with the latest things spammers are doing. I use a bunch of techniques but you can't bounce emails. Rarely have I had issues with SPF, only when someone has misconfigured it or misconfigured their DNS.
Spammers constantly scan for mail servers with vulnerabilities. In this case they found one that bounced emails so they could Joe Job it.(http://en.wikipedia.org/wiki/Joe_job). Fairly quickly it will run afoul of DBLs or ISPs and people will stop talking to it and/or the owner will fix it or take it down or have it taken down. I haven't seen Joe Jobs for a while. Most people don't allow it these days. On 2014/Jul/11, at 11:59 AM, Jeremy Visser wrote: > Hi Stephen, > > On 09/07/14 17:35, Stephen Rothwell wrote: >> SPF is broken by design (consider forwarding - including mailing >> lists). > > That’s because you’re forwarding incorrectly. SPF validation is done based > on the envelope, not the To/From headers, and all good mailing list software > will fix this for you. For example, your e-mail from the list to me > contained these pertinent headers: > > From: Stephen Rothwell <[email protected]> > To: Hamish Moffatt <[email protected]> > Sender: [email protected] > Return-Path: <[email protected]> > > And the SMTP exchange would (presumably) have begin with "MAIL > FROM:<[email protected]>". Therefore, the SPF validation is > done against whether the sender can send from mailman.anu.edu.au, not > rothwell.id.au. > > A different situation I commonly encounter where forwarding happens but the > envelope doesn’t change is if you deploy a spam filtering box (e.g. Postfix + > Amavisd) in front of another box (e.g. MS Exchange). If you don’t tell the > downstream box (in this case, the MS Exchange box) to fully trust the > upstream box, then it may erroneously perform SPF validation (MS calls it > Sender ID validation, but same diff) on incoming messages (which will > obviously fail). I don’t see this as an SPF failure — rather, it’s a > misconfiguration that stems from not thinking about the mail flow properly. > > Jeremy. > _______________________________________________ > Link mailing list > [email protected] > http://mailman.anu.edu.au/mailman/listinfo/link -- Kim Holburn IT Network & Security Consultant T: +61 2 61402408 M: +61 404072753 mailto:[email protected] aim://kimholburn skype://kholburn - PGP Public Key on request _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
