John Rudd wrote:
JamesDR wrote:
SPF already does this....
poorly.
We need something that actually works.
Would you care to elaborate on why SPF doesn't work for sender
verification? Its pretty simple, doesn't get much more simple that what
SPF does... If SPF doesn't work, nothing will.
I can see why it works quite well...
ServerA sends mail to ServerB from [EMAIL PROTECTED], ServerB queries
JDoe.net's dns server for an SPF record. ServerB finds that ServerA is
allowed to send mail, ServerB delivers mail (After suitable spam/virus
filtering of course.) SpamerA sends mail to ServerB from [EMAIL PROTECTED],
ServerB queries JDoe.net's dns server for an SPF record. ServerB finds
that SpamerA isn't allowed to be sending mail. ServerB bins the mail.
(All before DATA stage...)
This doesn't stop the bot nets, but stops the Joe Jobs that are so
common. If everyone used spf (and it doesn't break forwarding, if
properly setup) then you would force the spamer in this case to setup
his own addresses, own domain, and own dns server (or hijack some other
poor person's)
SPF doesn't prove hamyness, but can prove spamyness.
--
Thanks,
James
