> In theroy that idea isnt even that great, and in practice a hygene server is > a better place to do the most course obvious spam. There is stuff that is > very obviously not wanted such as items coming from rouge servers that we > can prove thanks to SPF or Sender-ID being setup correctly.
Validating that SPF or Sender-ID has been setup correctly - great when it works, not so much about fighting SPAM more about fighting bad admins. SPAM gets through still though. In many cases of SPAM it's the user account that has been cracked and the spammers are using full valid SPF and Sender-IDs, heck it's even signed with DKIM too. > There is no > reason that a server that can verify that another server has no right to > send should pass on a potentially risky email to the user, it is actually > very irresponsible to do so especially since you are going to treat a user > that may have no clue about email headers as an idiot because they clicked > on a message that if you had a script take two milliseconds to look at could > have told you it was spam. > Not everyone is a computer scientist, and stuff that is obvious should be > dealt with long before your users have to deal with it manually. You're missing my point. You cannot determine what "stuff" should be dealt with on account of your users. Period. One single "false positive" is enough. > > On Wed, Apr 30, 2014 at 6:59 PM, Martin Braun <[email protected]> > wrote: >> >> IMHO spam should be dealt with only on the client, not on the server. >> It is not the task of the server to determine what is spam and what is >> not. I know everyone does it, I used to do it too, but it is wrong. >> >> 2014-04-26 16:26 GMT+02:00 Stéphane Guedon <[email protected]>: >> > Le samedi 26 avril 2014 07:20:19, vous avez écrit : >> >> Hi John, >> >> >> >> At 06:04 26-04-2014, John Cox wrote: >> >> >Unfortunately the whole point of SPF (unlike Sender-ID which works >> >> >much better and on much the same principles) is that you can reject >> >> >the message before receiving it so you wouldn't have the DKIM stuff >> >> >(which I think requires you to have the entire message?). >> >> >> >> SPF allows processing using envelope information. DKIM processing >> >> can only occur after the entire message has been received. >> >> >> >> Regards, >> >> -sm >> > >> > I am myself in need for a good antispam solution with opensmtpd. >> > >> > if dkim (which I don't use yet) and spf are not really working, what's >> > the good way (I am already using spamd, not enough !) >> >> -- >> You received this mail because you are subscribed to [email protected] >> To unsubscribe, send a mail to: [email protected] >> > > > > -- > Jason Barbier | [email protected] > Pro Patria Vigilans -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
