Miguel A. Lerma wrote:
> From the explanations there, and articles in other places, I quickly
> decided it's inherently broken.
One has to be aware of its strengths and weaknesses before implementing it,
but the fact is that important and influential domains such as hotmail
and google are adopting it. I had to start publishing SPF records on our
DNS server when most (legitimate) mail from our domain was being flagged
as spam by hotmail, because much of the spam received by them seemed to
be coming from our domain, and hotmail had classified our domain as a
spam mailer. Publishing SPF records, together with disabling forwarding
(as I explain below) was a better and more realistic alternative than
asking our users to stop communicating with hotmail addresses.
:-) My daughter, then a junior scientist, used to work at a .edu.au
place that blocked incoming mail from Hotmail.
I'm just waiting for ImprovedSpamSender, that reads a user's Internet
Exploder's settings (as Thunderbird does) and uses those to send email.
As far as I can see, it will defeat SPF, CSV, Greylisting and everything
else I can think of except outbound filtering by the users' IAP.
This brings one of the main criticisms against SPF, that it breaks
forwarding. That's Ok, I already stopped forwarding on our system, most
users were forwarding spam anyway, and as consequence our domain was being
flagged as a spam mailer. Users that really need to forward email can use
the remailing mechanism instead, making sure that all mail is filtered for
spam _before_ being remailed.
I do have one measure that seems entirely effective against spam, but it
doesn't scale well and it's a little tedious. Probably, many people here
have noticed it. My server that handles email for this domain sits
behind a firewall, and that firewall has a rule that forwards port 25
TCP traffic from selected internet addresses to it. It does mean that
folk from those select internet addresses can't reach my regular
address, but that's okay. I don't like off-list replies.
It might be a useful idea for others though.
--
Cheers
John
-- spambait
[EMAIL PROTECTED] [EMAIL PROTECTED]
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375
You cannot reply off-list:-)
