On Wed, 2008-04-09 at 19:04, Jonathan Nichols wrote:
> On Apr 8, 2008, at 2:50 PM, McDonald, Dan wrote:
>
> > On Tue, 2008-04-08 at 12:36 -0700, ahgu wrote:
> >> They forged the header with my email addr as the return address.
> >> When it gets bounced back by a server, everything is valid. Since
> >> the server strips off most of the content, it can pass the
> >> spamassassin very easily. I wonder if anyone got this problem?
> >
> > Of course, it is very common.
> >
> > SPF does a reasonable job of stopping it, since it is not worth the
> > spammer's time to forge when a good portion will be ditched as
> > violating spf.
>
> Guys? He's been joe-jobbed.
>
> From the original email: "somebody is using my email as the
> bounce-back return email. How do I avoid the problem?"
>
> If SPF is supposed to prevent this, I can say that it sure as heck
> doesn't seem to. Despite having SPF records, I still managed to have
> my hostmaster@ address become the recipient of a few thousand bounce
> notifications the other day. :|

SPF is ineffective if you set the record up incorrectly. As the rules
for doing so are somewhat opaque I'd *strongly* suggest that you use
the wizard at http://www.openspf.org to create your SPF record and the
tools there and at http://www.kitterman.com/spf/validate.html to check
and correct your SPF record after it's been deployed.

HTH,
Martin
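An offline check for the kinds of record mistakes that make SPF ineffective, added here as an example and not part of the thread or of the tools it links to. The function name `lint_spf`, the sample records and the example.com/example.net domains are assumptions; the rules checked follow RFC 7208, and no DNS queries are made.

```python
import ipaddress
import re

LOOKUP_MECHS = {"include", "a", "mx", "ptr", "exists"}  # each costs one DNS lookup
MECHANISMS = LOOKUP_MECHS | {"all", "ip4", "ip6"}

def lint_spf(txt_records):
    """Return problems found in a domain's TXT record strings (no DNS queries made)."""
    spf = [r for r in txt_records if r.lower().split(" ")[0] == "v=spf1"]
    if not spf:
        return ["no TXT record starts with v=spf1, so receivers see no SPF policy"]
    if len(spf) > 1:
        return ["more than one v=spf1 record, which receivers treat as permerror"]
    problems, lookups, saw_all, saw_redirect = [], 0, False, False
    for term in spf[0].split()[1:]:
        qualifier, body = (term[0], term[1:]) if term[0] in "+-~?" else ("+", term)
        name, sep, arg = re.match(r"([^:=/]*)([:=/]?)(.*)", body).groups()
        name = name.lower()
        if sep == "=":  # modifier; receivers ignore modifiers they do not know
            if name == "redirect":
                lookups, saw_redirect = lookups + 1, True
            continue
        if saw_all:
            problems.append(f"{term} comes after all and is never evaluated")
        elif name not in MECHANISMS:
            problems.append(f"unknown mechanism {term}, which receivers treat as permerror")
        elif name == "all":
            saw_all = True
            if qualifier == "+":
                problems.append("+all authorizes every host to send as this domain")
            elif qualifier in "~?":
                problems.append(f"{qualifier}all does not ask receivers to reject forgeries")
        elif name in ("ip4", "ip6"):
            try:
                ok = ipaddress.ip_network(arg, strict=False).version == int(name[2])
            except ValueError:
                ok = False
            if not ok:
                problems.append(f"{term} is not a valid {name} network")
        else:
            lookups += 1
    if not saw_all and not saw_redirect:
        problems.append("no all mechanism or redirect=, so unmatched senders get neutral")
    if lookups > 10:
        problems.append(f"{lookups} DNS-querying terms, over the limit of 10 (permerror)")
    return problems

# Constructed sample records for a placeholder domain; not taken from the thread.
GOOD = ["v=spf1 mx ip4:192.0.2.0/24 -all"]
BAD = ["v=spf1 ip4:192.0.2.300 inclde:_spf.example.net +all mx"]
```

`lint_spf(BAD)` reports the malformed address, the misspelled `include`, the permissive `+all` and the unreachable `mx`; an empty list means none of these mistakes were found, not that the listed hosts are the right ones.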