On Thu, Apr 23, 2009 at 10:30 AM, Stuart Henderson <[email protected]> wrote: > > I see a tiny little problem with this method... sometimes people send > spam from domains whose DNS they control. > >
If this is the case, then you have an almost direct pointer to the cause. The only way this wouldn't work is if the SPF records get spoofed as a result of a lazy sysadmin not updating the DNS server with a more secure version. You could blacklist domains that fraudulently pass the SPF filter, but that would defeat the purpose - you'd be working as hard as you would be if you were maintaining manual whitelists or blacklists. -- Aaron Mason AKA Absorbent Shoulder Man <i>Oh, why does everything I whip leave me?</i>
