--- On Tue, 3/23/10, Jakub Wasielewski <[email protected]> wrote:
> > ...
> > Here's your problem. You haven't checked the sender
> against SPF....
>
> True unless sender is a spamtrap of some dnsbl list - than you're
> listed and problem is yours ;)
All proper spamtrap mailboxes should have SPF records indicating that they
don't send mail at all ("v=spf1 -all" if the entire domain is a trap), or have
a proper record restricting to authorized senders. In the latter category, a
true spamtrap mailbox will NEVER be used as a sender from an authorized place,
so it should always fail SPF.
An UNPROTECTED (by SPF or alternative method; e.g. Domainkeys "always signed")
spamtrap mailbox is not a valid construct, but misbehavior as damaging as spam
itself. A spammer may use it as a sending source where the recipient has no
way to determine it's not valid (since it's unprotected), and thus any reply
(whether manual or automatic) is APPROPRIATE traffic, thus leading to false
positive listings.
The admin. of the backscatterer and UCEprotect lists, is completely CLUELESS as
to this requirement. Every mailbox and domain owner, and especially DNSBL
operators, have a responsibility to prevent their mailbox resources from being
used as forged sources. Failure to prevent this pollutes their blacklists.
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID. You may ignore it.
Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
