Re: Unusual spam recently - hummm - postprocess
Quoting Phillip Hofmeister (plhofmei@zionlth.org):
> While I am sure finding out whose is bigger is exciting to you. I
> feel comfortable in speaking for the rest of the list when I say this
> thread has become WAY OT.
I'm surprised that an allegation that SPF -- highly relevant to SMTP
security -- is "vapourware", not to mention refutations of that
assertion, are off-topic. Nonetheless, I apologise for reacting with
irritation to Michael's claim to that effect: It's just that I expected
better from a Security Team member. Much better.
Why is SPF important? Because it eliminates joe-jobs. That is, it
allows mail admins to absolutely validate the envelope return path --
significant because spammers have recently gotten around to forging
sender envelope information, allowing forged mail that appears to be
credibly "from" your domain or mine, etc. -- and as such began defeating
even quite good security regimes.
Why is it not "vapourware"? Because prepackaged kits exist to trivially add
support to -=all=- of common MTAs: Postfix, Exim, sendmail, qmail,
Courier-MTA, and MS-Exchange Server. I posted the link twice earlier in
the conversation, well before Michael dismissed it as "vapourware".
Here it is again:
http://spf.pobox.com/downloads.html
If using Exim4 on Debian, the required daemon (perl module
Mail::SPF::Query) is available as Debian package libmail-spf-query-perl .
The Exim4 ACL that invokes it can be found on the above-cited page, and
a SysVInit script can be pulled down from http://www.jcdigita.com/eximconfig/ .
If all that's vapourware, then it's amazing how much functional and
well-debugged vapourware can be located in three minutes of googling.
Reply to: