On Thu, May 20, 2004 at 08:46:27PM +0800, Isaac To wrote: > >>>>> "Andrew" == Andrew Suffield <asuffield@debian.org> writes: > > Andrew> - invalid sender addresses - valid sender addresses from domains > Andrew> without SPF enabled > > Andrew> SPF can't stop spam because spammers can trivially evade its > Andrew> effects. You seem to be assuming that spammers are incapable of > Andrew> changing their behaviour to respond to things like this. > > This is partially correct, but not entirely. If you receive a mail from a > non-existent domain, you can very safely ignore the mail altogether. So the > first evasion scheme is not of any use. Tell that to the spammers. They certainly seem to think it's useful; they've been doing it for years. The fact that you, personally, filter these is not relevant; you are not their target. Their target is the sort of person too stupid to filter these mails. You're just collateral damage. > The second is somewhat useful for > certain period of time, until most sites enable SPF. Stop. SPF is not suitable for use on most sites. See this thread. Your argument is predicated on this not being true. An even more efficient way to solve the spam problem is to stop accepting any mail at all. That will eliminate 100% of the spam you currently receive. -- .''`. ** Debian GNU/Linux ** | Andrew Suffield : :' : http://www.debian.org/ | `. `' | `- -><- |
Attachment:
signature.asc
Description: Digital signature