[EMAIL PROTECTED] wrote:
It's (SPF)primary purpose is to identify legitimate MTAs and prevent
the Joe Jobs.
Correct.
At best, it only allows us to dump mail sent to us by
someone spoofing our domain and only if it is sent to us.
You don't need SPF for that. There are lots of ways you can dump
inc
On 2004-09-14, at 15.11, Tom Meunier wrote:
For the most part and I'd say 99.999 (maybe add more 9's)% of the
time, the SPF result is "None". You can't do anything effective with
that.
On average, you'll need to receive more than 100,000 emails to receive
ONE from a domain with an SPF record? Im
Hmmm. I just checked my MTA logs for one six-hour period and have 10
SPF fails so that one in 100,000 can't be accurate.
On Sep 14, 2004, at 9:11 AM, Tom Meunier wrote:
[EMAIL PROTECTED] wrote:
For the most part and I'd say 99.999 (maybe add more 9's)% of the
time, the SPF result is "None". You c
[EMAIL PROTECTED] wrote:
For the most part and I'd say 99.999 (maybe add more 9's)% of the
time, the SPF result is "None". You can't do anything effective with
that.
On average, you'll need to receive more than 100,000 emails to receive
ONE from a domain with an SPF record? Impossible. You g
>
> If the SPF records pass then the blacklisting becomes effective
> since
> spammers can't hide. You could add a small number of points for a
> pass
> in that case of course (or not if you wish). That's in sync with
> SA's
> sum total approach where multifaceted point scoring produces the
> most
On Sep 13, 2004, at 9:22 PM, Bill Landry wrote:
- Original Message -
From: "Codger" <[EMAIL PROTECTED]>
If you already use a blacklisting host(s) and also use SPF then the
combination would be more effective than either alone, whether the SPF
added or removed points even.
I agree that using
- Original Message -
From: "Codger" <[EMAIL PROTECTED]>
> But the fact that they do create the SPF records then makes all the
> other rules like SURBL more effective. The strength they have had till
> SPF has been the fact that the could forge domains.
>
> If you already use a blacklistin
SPF wouldn't add you to a blacklist since it operates realtime (at the
SMTP level). But just because you log in to your home ISP doesn't mean
you can't send mail through your work ISP if you have SMTP
authentication of course.
In that instance you'll know immediately that your SMTP fails and th
than either alone, whether the SPF
added or removed points even.
On Sep 13, 2004, at 3:01 PM, Bill Landry wrote:
- Original Message -
From: "Codger" <[EMAIL PROTECTED]>
To: "SpamAssassin list"
Sent: Monday, September 13, 2004 11:51 AM
Subject: Re: SPF a
On Mon, 2004-09-13 at 11:51, Codger wrote:
> But still, my recommendation is to use an SPF pass to decrease the spam
> score and to not use SFP fails to blacklist.
You're still misinterpreting my idea.
1) a message passes SPF (sender verified);
2) SA classifies the message as spam;
3) somethin
Kelson said:
> Someone made a suggestion to blacklist based on SPF results. Problems
> were pointed out. The suggestion was withdrawn. The thread continues
> anyway.
Ah, that's what's going on - OK, we're on the same page now - it seems I
should have caught up on my entire inbox before offer
kaiser suse wrote:
Bret Miller said:
Yes, you should. But what happens if my almost-informed user decides to
do it the old way? Do you blacklist my domain because a user decided to
do things wrong?
I'm not sure how things could come to such a state - using SPF does not
"blacklist domains"
Someone
Bret Miller said:
> Yes, you should. But what happens if my almost-informed user decides to
> do it the old way? Do you blacklist my domain because a user decided to
> do things wrong?
I'm not sure how things could come to such a state - using SPF does not
"blacklist domains", but rather penaliz
>> Steve Bertrand said:
>>
>> > I work for an ISP. My laptop, seldomly moved from the office is
>> > configured to send out my [EMAIL PROTECTED] email through this
>> ISP
>> > SMTP server. I take my laptop home, which is connected to a
>> different
>> > SMTP server. Unwittingly, I change the SMTP s
Steve Bertrand wrote:
I work for an ISP. My laptop, seldomly moved from the office is
configured to send out my [EMAIL PROTECTED] email through this ISP
SMTP server. I take my laptop home, which is connected to a different
SMTP server. Unwittingly, I change the SMTP server to the home ISP's
server
> Steve Bertrand said:
>
> > I work for an ISP. My laptop, seldomly moved from the office is
> > configured to send out my [EMAIL PROTECTED] email through this ISP
> > SMTP server. I take my laptop home, which is connected to a
> different
> > SMTP server. Unwittingly, I change the SMTP server to t
Steve Bertrand said:
> I work for an ISP. My laptop, seldomly moved from the office is
> configured to send out my [EMAIL PROTECTED] email through this ISP
> SMTP server. I take my laptop home, which is connected to a different
> SMTP server. Unwittingly, I change the SMTP server to the home ISP'
> But still, my recommendation is to use an SPF pass to decrease the
> spam
> score and to not use SFP fails to blacklist.
This is really the first post I've looked at on this thread, but I see
your point...correct me if I am wrong with this situation:
I work for an ISP. My laptop, seldomly moved
- Original Message -
From: "Codger" <[EMAIL PROTECTED]>
To: "SpamAssassin list"
Sent: Monday, September 13, 2004 11:51 AM
Subject: Re: SPF and spammers
> But still, my recommendation is to use an SPF pass to decrease the spam
> score and to not use SFP
But still, my recommendation is to use an SPF pass to decrease the spam
score and to not use SFP fails to blacklist.
On Sep 13, 2004, at 1:39 PM, Kelson wrote:
You're misunderstanding. The suggestion was to take spam that passed
SPF, look for the other servers listed in that SPF record, and add
Codger wrote:
I don't think it would make any difference if the spammer listed any
other servers in HIS DNS SPF records. Your server won't look at his DNS
for yahoo's SPF records. That's what SPF is all about. It gives the
owner of the domain name exclusive ability to say who is and is not a
va
On Sep 11, 2004, at 12:06 PM, Tom Meunier wrote:
If the spammer isn't authoritative for your domain, they can list
everything in the universe as an MX record and it would never be
checked. Unless the spammer owns tone of the three name servers that
is authoritative for bubbanfriends.org, in whi
On Fri, 2004-09-10 at 17:12, Kelson wrote:
> John Hardin wrote:
> > I.E.: get an email that passes SPF, and scores high. Look at the
> > relevant SPF record and blacklist/high-score all of the hosts it states
> > are valid sources for that sender domain.
>
> Bad, *bad* idea. You're inviting DOSes
Mike Burger wrote:
The problem, however, is that SPF's usability also relies on MX records.
In my case, I have 2 MX records, and my SPF record is set up thusly:
"v=spf1 a mx -all"
Essentially saying that all my MX records are valid senders, as well.
All the spammer has to do is list those server
On Sat, 11 Sep 2004, Codger wrote:
> I don't think it would make any difference if the spammer listed any
> other servers in HIS DNS SPF records. Your server won't look at his DNS
> for yahoo's SPF records. That's what SPF is all about. It gives the
> owner of the domain name exclusive ability
From: "John Hardin" <[EMAIL PROTECTED]>
> A thought: now that spammers are using SPF to "legitimize" their email,
> could *we* use it as a means to shut them down sooner?
>
> I.E.: get an email that passes SPF, and scores high. Look at the
> relevant SPF record and blacklist/high-score all of the
I don't think it would make any difference if the spammer listed any
other servers in HIS DNS SPF records. Your server won't look at his DNS
for yahoo's SPF records. That's what SPF is all about. It gives the
owner of the domain name exclusive ability to say who is and is not a
valid sender for
On Sep 10, 2004 at 16:52, John Hardin wrote:
>A thought: now that spammers are using SPF to "legitimize" their email,
>could *we* use it as a means to shut them down sooner?
That's the point, as I understand it.
>I.E.: get an email that passes SPF, and scores high. Look at the
>relevant SPF reco
John Hardin wrote:
A thought: now that spammers are using SPF to "legitimize" their email,
could *we* use it as a means to shut them down sooner?
I.E.: get an email that passes SPF, and scores high. Look at the
relevant SPF record and blacklist/high-score all of the hosts it states
are valid source
A thought: now that spammers are using SPF to "legitimize" their email,
could *we* use it as a means to shut them down sooner?
I.E.: get an email that passes SPF, and scores high. Look at the
relevant SPF record and blacklist/high-score all of the hosts it states
are valid sources for that sender
30 matches
Mail list logo
