Marc Perkel writes: > [EMAIL PROTECTED] wrote: > > Sounds good, > > I found this an interesting read about why SPF is ineffective: > > http://en.hakin9.org/products/articleInfo/102 > > Excellent article. > > SPF catches no spam - but does create false positives. It's less than > useless. It's dangerous.
Marc -- Please pay attention to what Matt wrote yesterday. Repeat: SPF is *NOT* for catching spam. It works great at what we use it for in SpamAssassin -- as an authentication mechanism, to detect legit ham and whitelist it. This is what you use authentication mechanisms for: similarly, DK, DKIM, and many other proposed standards are for authentication, not for reputation. It *does* work well for that, in our experience. If you want to rail against SPF as a bad anti-spam technology, perhaps a personal blog would be a more appropriate venue? --j.
