On Thursday 20 May 2004 10.33, Adam D. Barratt wrote: > It's not stopping the mail because it's spam - it's stopping the mail > because the sender address is provably false. What happens when the > virus starts sending mail claiming to be from <validuser>@debian.org? > It sails straight through the SPF check... Huh? Either I've not understand what SPF is all about, or you're just inventing things here. AFAIK, the SPF check is that the email comes from a server not authorized to send @debian.org emails. So no matter if the local part of the address is valid or not, viruses that are not sent from one of the official @debian.org mailservers will be stopped. The spam & viruses that will still come through are those which do not fake their sender addresses. (And these will quickly appear as soon as SPF use is significant: the trojaned computer will just be used to send their shit through the mail APIs, meaning the email will go through the mail relays of the ISPs. Which is a good thing: the ISPs are finally forced to do something about it. I hope. Perhaps in vain - the ISPs will probably just upgrade their mailservers...) -- vbi -- Disinformation is not as good as datinformation.