From: dar...@chaosreigns.com Date: Tue, 2 Feb 2010 18:38:20 -0500 On 02/02, Marc Perkel wrote: > Why would you want to catch domains without SPF as SPF has no > relationship to detecting spam? SPF is entirely about spam.
Actually, SPF is about forgery and forgery is part of the spam problem. You can still have genuine spam that passes SPF. Messages that get SPF_FAIL are forged spam and can be scored or blocked. http://www.openspf.org/Introduction If everyone uses SPF, all we need to block all spam is these rules (SPF_NOT_PASS alone should do it), and a blacklist of domains that have SPF records including IPs that send spam. Good luck. All you need is to get everybody to use SPF and then have a very large blacklist of spam sending domains. http://www.rhyolite.com/anti-spam/you-might-be.html SPF is easy, there's a wizard http://www.openspf.org/, then you paste the results into the DNS TXT record for your domain). SPF is great for what it does. -jeff
