Re: @debian.org email forwarding and SPF

To: "debian-devel" <debian-devel@lists.debian.org>
Subject: Re: @debian.org email forwarding and SPF
From: "Adam D. Barratt" <highvol-debian-devel@adam-barratt.org.uk>
Date: Thu, 20 May 2004 09:33:34 +0100
Message-id: <[🔎] 01ba01c43e45$2413a7f0$eb00010a@andromeda>
References: <[🔎] 40A66AB9.1060004@neggie.net> <[🔎] 20040517001607.GC17552@wonderland.linux.it> <[🔎] 20040519021030.GB22828@daedalus.andrew.net.au> <[🔎] 20040519025808.GH28235@suffields.me.uk> <[🔎] 20040520005204.GA10852@daedalus.andrew.net.au> <[🔎] 20040520023500.GC3421@nightcrawler.kuroneko.lan> <[🔎] 20040520073507.GA16573@daedalus.andrew.net.au>

On Thursday, May 20, 2004 8:35 AM, Andrew Pollock <apollock@debian.org>
wrote:

> On Wed, May 19, 2004 at 10:35:00PM -0400, Eric Dorland wrote:
>> * Andrew Pollock (apollock@debian.org) wrote:
[...]
>>> I'm sure honey@d.o is not writing me these emails, and I certainly
>>> constitute it as spam, and I would have thought that SPF would have
>>> prevented this?
>>
>> Indeed, it will. It won't prevent the virus from sending from a
>> non-SPF address, but the hope is many will adopt this.
>
> Again, by my definition of spam as including unsolicited crap,
> usually with a forged from address, SPF would stop it. Can the "SPF
> won't stop spam" proponents please rebutt?

It's not stopping the mail because it's spam - it's stopping the mail
because the sender address is provably false. What happens when the virus
starts sending mail claiming to be from <validuser>@debian.org? It sails
straight through the SPF check...

Given the amount of bounces hitting our company server from mail claiming to
be from valid local addresses, none of which would have been stopped if both
we and the other servers employed SPF, I think the ball is firmly back in
your court. :)

("SPF stops spam" is a roughly equivalent argument to "blocking executables
stops viruses" - it's both inaccurate and confusing cause and effect).

Adam

Reply to:

Follow-Ups:
- Re: @debian.org email forwarding and SPF
  - From: Adrian 'Dagurashibanipal' von Bidder <avbidder@fortytwo.ch>
- Re: @debian.org email forwarding and SPF
  - From: Isaac To <kkto@csis.hku.hk>
- Re: @debian.org email forwarding and SPF
  - From: Andrew Pollock <apollock@debian.org>

References:
- @debian.org email forwarding and SPF
  - From: John Belmonte <john@neggie.net>
- Re: @debian.org email forwarding and SPF
  - From: Marco d'Itri <md@Linux.IT>
- Re: @debian.org email forwarding and SPF
  - From: Andrew Pollock <apollock@debian.org>
- Re: @debian.org email forwarding and SPF
  - From: Andrew Suffield <asuffield@debian.org>
- Re: @debian.org email forwarding and SPF
  - From: Andrew Pollock <apollock@debian.org>
- Re: @debian.org email forwarding and SPF
  - From: Eric Dorland <eric@debian.org>
- Re: @debian.org email forwarding and SPF
  - From: Andrew Pollock <apollock@debian.org>

Prev by Date: Re: @debian.org email forwarding and SPF
Next by Date: Re: @debian.org email forwarding and SPF
Previous by thread: Re: @debian.org email forwarding and SPF
Next by thread: Re: @debian.org email forwarding and SPF
Index(es):
- Date
- Thread