Re: @debian.org email forwarding and SPF
On Thursday, May 20, 2004 8:35 AM, Andrew Pollock <firstname.lastname@example.org>
> On Wed, May 19, 2004 at 10:35:00PM -0400, Eric Dorland wrote:
>> * Andrew Pollock (email@example.com) wrote:
>>> I'm sure firstname.lastname@example.org is not writing me these emails, and I certainly
>>> constitute it as spam, and I would have thought that SPF would have
>>> prevented this?
>> Indeed, it will. It won't prevent the virus from sending from a
>> non-SPF address, but the hope is many will adopt this.
> Again, by my definition of spam as including unsolicited crap,
> usually with a forged from address, SPF would stop it. Can the "SPF
> won't stop spam" proponents please rebutt?
It's not stopping the mail because it's spam - it's stopping the mail
because the sender address is provably false. What happens when the virus
starts sending mail claiming to be from <validuser>@debian.org? It sails
straight through the SPF check...
Given the amount of bounces hitting our company server from mail claiming to
be from valid local addresses, none of which would have been stopped if both
we and the other servers employed SPF, I think the ball is firmly back in
your court. :)
("SPF stops spam" is a roughly equivalent argument to "blocking executables
stops viruses" - it's both inaccurate and confusing cause and effect).