Re: @debian.org email forwarding and SPF
On Fri, 21 May 2004 01:23, Andrew Suffield <asuffield@debian.org> wrote:
> > This is partially correct, but not entirely. If you receive a mail from
> > a non-existent domain, you can very safely ignore the mail altogether.
> > So the first evasion scheme is not of any use.
>
> Tell that to the spammers. They certainly seem to think it's useful;
> they've been doing it for years.
As the number of mail servers that reject such mail increases spammers will
stop doing it.
> The fact that you, personally, filter these is not relevant; you are
> not their target. Their target is the sort of person too stupid to
> filter these mails. You're just collateral damage.
Their target is the typical AOL and hotmail user. When AOL and hotmail start
rejecting such mail spammers will change tactics.
> > The second is somewhat useful for
> > certain period of time, until most sites enable SPF.
>
> Stop. SPF is not suitable for use on most sites. See this thread. Your
> argument is predicated on this not being true.
SPF is more difficult to implement on sites such as debian.org. However such
sites are a very small minority of all email addresses. If you count the
number of email accounts controlled by the 6-10 biggest US ISPs and the 20
biggest European ISPs then you would probably find that they count for about
half the Internet population.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: