Re: Which Spam Block List to use for a network?
On Thu, 24 Jun 2004 11:58, "Jason Lim" <maillist@jasonlim.com> wrote:
> > most ISPs (and mail service providers like yahoo and hotmail), for
> > instance, will never have SPF records in their DNS. they may use SPF
> > checking on their own MX servers, but they won't have the records in their
> > DNS. their users have legitimate needs to send mail using their address
> > from any arbitrary location, which is exactly what SPF works to prevent.
If someone wants to use a hotmail or yahoo email address when sending email to
me then they will use hotmail/yahoo servers to send it. My mail server will
prevent them doing otherwise, and has been doing so since before SPF started
becoming popular.
> This also applies to most hosting companies. If your ISP prevents outgoing
> SMTP (port 25) to other mail servers and you are forced to use your ISP's
> mail servers, then the "mail server" is not going to match that of your
> hosting account or domain name. Thus SPF fails again in this case.
You just have to enable the ISP's mail server in the SPF configuration. That
allows a customer of the same ISP to joe-job you, but sorting THAT out should
not be so difficult.
> I feel SPF is not going to be implemented many placed not because people
> don't wont to reduce spam, but because SPF just won't work in many cases.
> In fact, depending on how you look at it, it doesn't reduce spam at ALL
> (phising is certainly bad, but that is a separate problem).
If it stops people from joe-jobbing me then that's enough reason to have it.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: