On Friday 03 September 2004 09:17 pm, Theo Van Dinter wrote:
- SpamAssassin now includes support for SPF (the Sender Policy Framework, http://spf.pobox.com/).
Why bother with this?
http://www.infoworld.com/article/04/08/31/HNspammerstudy_1.html
Although others have already given reasons why, I figured I'd toss in the analogy to explain why the dude from CypherTrust in the article is lacking in clue:
1 - Suppose that we have a problem with terrorists boarding planes and blowing them up.
2 - So, we make a list of all of the names of known terrorists and hand them to the security screeners.
3 - Then, the terrorists start boarding planes with fake IDs.
4 - So, we come out with some retina-scan ID system that can't be faked. Anybody still using the old, fakeable IDs will be treated to a cavity check, x-rays, and a bunch of hassle.
5 - So, the terrorists figure that their best shot is to use the new unfakeable IDs and hope that the security screener doesn't refer to the list of known terrorists.
The *lynchpin* to this whole scenario is that, if you don't check the names against the list of terrorists, the reliability of their ID card is pointless. The unfakeable ID card isn't a way of finding the terrorists, per se. It's a way of making *another* method more reliable.
By the same token, the point was never to be able to spot spammers by noting who isn't using SPF. Rather, the point is to make the blacklists more reliable. It is *only* when you use SPF in *conjunction* with blacklists/whitelists that you see any benefit from SPF.
- Joe
-- When freedom gives way to tyranny, it is not because tyranny comes dressed as a wolf. Rather, it comes dressed as a shepherd, pointing out other wolves. Go *read* the Patriot Act.
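The argument in the message above, as an added Python sketch that is not part of the original post or of SpamAssassin: domain blacklists and whitelists are consulted only once SPF has confirmed that the connecting host may send for the claimed domain. The domains, addresses and list names are constructed, records come from an inline table instead of DNS, and only the `ip4`, `ip6` and `all` mechanisms are evaluated.

```python
import ipaddress

# Constructed sample data: example domains and documentation address ranges.
SPF_RECORDS = {
    "good.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "spammer.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
DOMAIN_BLACKLIST = {"spammer.example"}
DOMAIN_WHITELIST = {"good.example"}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(domain, client_ip, records=SPF_RECORDS):
    """Evaluate the ip4/ip6/all mechanisms of a domain's SPF record."""
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means "pass"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
    return "neutral"

def verdict(domain, client_ip):
    """Apply domain reputation only when SPF has verified the sender domain."""
    spf = spf_result(domain, client_ip)
    if spf == "fail":
        return "reject: forged sender"
    if spf == "pass":
        # The domain claim is now trustworthy, so the lists mean something.
        if domain in DOMAIN_BLACKLIST:
            return "reject: blacklisted domain"
        if domain in DOMAIN_WHITELIST:
            return "accept: whitelisted domain"
        return "continue: no reputation"
    # No record, softfail or neutral: the domain claim is unverified.
    return "continue: sender unverified"
```

An SPF pass for `spammer.example` does not make the mail legitimate; it makes the blacklist entry for that domain stick, and an SPF fail keeps a forger from borrowing the whitelist entry of `good.example`.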