[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: @debian.org email forwarding and SPF

On Thu, May 20, 2004 at 08:46:27PM +0800, Isaac To wrote:
> >>>>> "Andrew" == Andrew Suffield <asuffield@debian.org> writes:
>     Andrew> - invalid sender addresses - valid sender addresses from domains
>     Andrew> without SPF enabled
>     Andrew> SPF can't stop spam because spammers can trivially evade its
>     Andrew> effects. You seem to be assuming that spammers are incapable of
>     Andrew> changing their behaviour to respond to things like this.
> This is partially correct, but not entirely.  If you receive a mail from a
> non-existent domain, you can very safely ignore the mail altogether.  So the
> first evasion scheme is not of any use.

Tell that to the spammers. They certainly seem to think it's useful;
they've been doing it for years.

The fact that you, personally, filter these is not relevant; you are
not their target. Their target is the sort of person too stupid to
filter these mails. You're just collateral damage.

> The second is somewhat useful for
> certain period of time, until most sites enable SPF.

Stop. SPF is not suitable for use on most sites. See this thread. Your
argument is predicated on this not being true.

An even more efficient way to solve the spam problem is to stop
accepting any mail at all. That will eliminate 100% of the spam you
currently receive.

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: