On Sat, 11 Sep 2004, Codger wrote:

> I don't think it would make any difference if the spammer listed any
> other servers in HIS DNS SPF records. Your server won't look at his DNS
> for Yahoo's SPF records. That's what SPF is all about. It gives the
> owner of the domain name exclusive ability to say who is and is not a
> valid sender for that domain.
>
> So an SPF fail is significant and should score so high in and of itself
> that it is essentially a realtime blacklisting without creating a
> realtime blacklist. As to DOS, what more will spammers do anyway that
> they don't already do? You can easily make an SPF failed email just die
> without them even knowing it!

The problem, however, is that SPF's usability also relies on MX records.

In my case, I have 2 MX records, and my SPF record is set up thusly:

"v=spf1 a mx -all"

Essentially saying that all my MX records are valid senders, as well.

All the spammer has to do is list those servers as MX records (whether
or not they'll accept inbound mail is irrelevant for the discussion at
hand), set up their SPF record like above, and essentially create an
effective DoS for mail from those servers.

--
Mike Burger
http://www.bubbanfriends.org

Visit the Dog Pound II BBS
telnet://dogpound2.citadel.org or http://dogpound2.citadel.org

To be notified of updates to the web site, visit
http://www.bubbanfriends.org/mailman/listinfo/site-update, or send a
message to:

[EMAIL PROTECTED]

with a message of:

subscribe
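
Added illustration, not part of the original message: a minimal SPF evaluator covering only the `a`, `mx` and `all` mechanisms, run over a constructed in-memory zone, to show which domain's records a receiver consults when it evaluates the record `v=spf1 a mx -all` quoted above. The domain names (`example.org`, `other.example`) and all addresses are constructed placeholders.

```python
# Constructed zone data; names and addresses are placeholders, not from the post.
ZONE = {
    ("example.org", "TXT"): ["v=spf1 a mx -all"],
    ("example.org", "A"): ["192.0.2.10"],
    ("example.org", "MX"): ["mx1.example.org", "mx2.example.org"],
    ("mx1.example.org", "A"): ["192.0.2.25"],
    ("mx2.example.org", "A"): ["192.0.2.26"],
    # A second zone that names the same two hosts as its own MX records.
    ("other.example", "TXT"): ["v=spf1 a mx -all"],
    ("other.example", "A"): ["198.51.100.7"],
    ("other.example", "MX"): ["mx1.example.org", "mx2.example.org"],
}

RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup(name, rtype):
    """Stand-in for a DNS query against the constructed zone."""
    return ZONE.get((name.lower(), rtype), [])


def check_host(ip, sender_domain):
    """Evaluate sender_domain's own SPF record for a connecting client IP."""
    records = [r for r in lookup(sender_domain, "TXT") if r.split()[:1] == ["v=spf1"]]
    if not records:
        return "none"
    if len(records) > 1:
        return "permerror"
    for term in records[0].split()[1:]:
        qualifier = term[0] if term[0] in RESULTS else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            matched = True
        elif mech == "a":
            matched = ip in lookup(sender_domain, "A")
        elif mech == "mx":
            # MX hosts are taken from the sender domain's zone, then resolved to addresses.
            matched = any(ip in lookup(h, "A") for h in lookup(sender_domain, "MX"))
        else:
            return "permerror"  # mechanisms outside this subset are not handled here
        if matched:
            return RESULTS[qualifier]
    return "neutral"


if __name__ == "__main__":
    for ip, dom in [("192.0.2.25", "example.org"), ("198.51.100.7", "example.org"),
                    ("192.0.2.25", "other.example"), ("203.0.113.9", "other.example")]:
        print(f"client {ip} MAIL FROM @{dom}: {check_host(ip, dom)}")
```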