Justin Mason wrote:
Marc Perkel writes:
[EMAIL PROTECTED] wrote:
Sounds good,
I found this an interesting read about why SPF is ineffective:
http://en.hakin9.org/products/articleInfo/102
Excellent article.
SPF catches no spam - but does create false positives. It's less than
useless. It's dangerous.
Marc --
Please pay attention to what Matt wrote yesterday. Repeat: SPF is *NOT*
for catching spam. It works great at what we use it for in SpamAssassin
-- as an authentication mechanism, to detect legit ham and whitelist it.
This is what you use authentication mechanisms for: similarly, DK, DKIM,
and many other proposed standards are for authentication, not for
reputation. It *does* work well for that, in our experience.
If you want to rail against SPF as a bad anti-spam technology, perhaps a
personal blog would be a more appropriate venue?
--j.
Two things Jason,
First - I agree with you that SPF is totally useless at detecting spam.
I would say it is also useless at detecting ham.
Second - tell it to everyone here who is suggesting that SPF is a spam
solution of some sort.
SPF really has no useful function at all.
