Re: Which Spam Block List to use for a network?

To: debian-isp@lists.debian.org
Subject: Re: Which Spam Block List to use for a network?
From: Craig Sanders <cas@taz.net.au>
Date: Sun, 27 Jun 2004 08:40:56 +1000
Message-id: <[🔎] 20040626224056.GB2604@taz.net.au>
In-reply-to: <[🔎] 200406261834.53433.russell@coker.com.au>
References: <[🔎] 20040618142958.GA19680@let.rug.nl> <[🔎] 20040624005136.GD4421@taz.net.au> <[🔎] 396601c4598e$b0669f00$ce00a8c0@SYSTEM9> <[🔎] 200406261834.53433.russell@coker.com.au>

On Sat, Jun 26, 2004 at 06:34:53PM +1000, Russell Coker wrote:
> On Thu, 24 Jun 2004 11:58, "Jason Lim" <maillist@jasonlim.com> wrote:
> > > most ISPs (and mail service providers like yahoo and hotmail), for
> > > instance, will never have SPF records in their DNS.  they may use SPF
> > > checking on their own MX servers, but they won't have the records in their
> > > DNS.  their users have legitimate needs to send mail using their address
> > > from any arbitrary location, which is exactly what SPF works to prevent.
> 
> If someone wants to use a hotmail or yahoo email address when sending email to 
> me then they will use hotmail/yahoo servers to send it.  My mail server will 
> prevent them doing otherwise, and has been doing so since before SPF started 
> becoming popular.

doesn't matter.  hotmail and yahoo are only two domains out of millions that
will never have SPF records in the DNS.  some because the domain owners are
lazy and/or ignorant, some (like debian.org) because they have a legitimate
need to send mail from so many locations that it is impossible to specify all
allowed hosts.

> > I feel SPF is not going to be implemented many placed not because people
> > don't wont to reduce spam, but because SPF just won't work in many cases.
> > In fact, depending on how you look at it, it doesn't reduce spam at ALL
> > (phising is certainly bad, but that is a separate problem).
> 
> If it stops people from joe-jobbing me then that's enough reason to have it.

that's a reason for you to have SPF records (well, it will be if/when enough MX
servers implement SPF checking...in the meantime, it doesn't hurt to have
them).  like me, you *can* have SPF records for your domain because you *can*
list all the hosts allowed to send mail claiming to be from your domain.  that
just isn't the case for many domains.

that is why SPF will never be a generic anti-spam tool.  it is a
tightly-focussed anti-forgery tool of very limited use.

craig

-- 
craig sanders <cas@taz.net.au>

The next time you vote, remember that "Regime change begins at home"

Reply to:

References:
- Which Spam Block List to use for a network?
  - From: Francisco Borges <frandebo@latt.if.usp.br>
- Re: Which Spam Block List to use for a network?
  - From: Craig Sanders <cas@taz.net.au>
- Re: Which Spam Block List to use for a network?
  - From: "Jason Lim" <maillist@jasonlim.com>
- Re: Which Spam Block List to use for a network?
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: recommendation for gbit sx card?
Next by Date: Re: How to prevent being a 'bouncer' of evil mail?
Previous by thread: Re: Which Spam Block List to use for a network?
Next by thread: Re: Which Spam Block List to use for a network?
Index(es):
- Date
- Thread