On Thu, Apr 23, 2009 at 12:30:28AM +0000, Stuart Henderson wrote: > I see a tiny little problem with this method... sometimes people send > spam from domains whose DNS they control.
+1 i think part of the success i experience using SPF as a means to create whitelists is in the fact that i maintain the list of domains i fancy whitelisting. unfortunately, it would be trivial for someone to take advantage of an spf-based automatic whitelist to slip right on thru spamd(8). it's a pisser. -- jared
