On Wed, 2008-04-09 at 19:04, Jonathan Nichols wrote:
> On Apr 8, 2008, at 2:50 PM, McDonald, Dan wrote:
>
> >
> > On Tue, 2008-04-08 at 12:36 -0700, ahgu wrote:
> >> They forged the header with my email addr as the return address.
> >> When it get bounced back by a server, everything is valid. Since
> >> the server
> >> strip off most of the content, it can pass the spamassassin very
> >> easily. I
> >> wonder if anyone got this problem?
> >
> > Of course, it is very common.
> >
> > SPF does a reasonable job of stopping it, since it is not worth the
> > spammer's time to forge when a good portion will be ditched as
> > violating
> > spf.
> >
>
> Guys? He's been joe-jobbed.
>
> From the original email: "somebody is using my email as the bounce-
> back return email.
> How do I avoid the problem?"
>
> If SPF is supposed to prevent this, I can say that it sure as heck
> doesn't seem to. Despite having SPF records, I still managed to have
> my hostmaster@ address become the recipient of a few thousand bounce
> notifications the other day. :|
>
SPF is ineffective if you set the record up incorrectly. As the rules
for doing so are somewhat opaque I'd *strongly* suggest that you use
wizard at
http://www.openspf.org
to create your SPF record and the tools there and at
http://www.kitterman.com/spf/validate.html
to check and correct your SPF record after its been deployed.
HTH,
Martin
