Amos Shapira wrote:
On 10/01/07, Howard Lowndes <[EMAIL PROTECTED]> wrote:
Just out of curiosity, and because I am procrastinating about doing
something else, I ran a quick analysis across my mail log file to see
what the extent of the use of SPF is:
pass 29517
neutral 30354
softfail 31082
none 4783
unkown 31143
I remember seeing a mention of SPF and SenderID(?) a while ago concluding
that actually spammers were the first to rush to get themselves the right
records, virtually to the point that finding an SPF record could increase
the probability that you are dealing with a spammer (not that I'd suggest
anyone to use such a rule by itself, e.g. Gmail/Yahoo mail would fail
such a
rule, filtering Hotmail is probably a good idea anyway :).
That was entirely not the point of SPF though.
Merely HAVING an SPF record doesn't make you less of a spammer. It does
however remove mail server spoofing and provide a verified identity for
the mail servers.
You know the people sending you mail are who they say they are.
And once you know for sure that they are who they say they are, you can
them use that identity to work out if they are goodies or baddies
properly based on who they are.
So it provides a platform for identity-based filtering.
The spammers having SPF records merely forced them to come out openly
about who they were.
Adam K
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
