On Wed, Dec 13, 2006 at 10:43:40AM -0500, JamesDR wrote: > accept the mail from forged addresses, I don't know. I'm making the > point that -- if a spammer says "hey, these bots are allowed to send > spam for my domain" then you know right away who to block. Even if it is
The issue is that SPF only specifies who's allowed to send mail from a given host/domain. You can't reverse engineer that information into a useful anti-spam rule. If you counter and say "but this is working great for me right now", my answer is "yes, for right now..." Like a lot of anti-spam technology, things only work for as long as the spammers don't care about it. For instance, I (john q spammer) could start including random /24's in my record along with 4 bots that are going to send out my mails. Now you get spam from my domain ... and you end up blocking places you really don't want to. Much like not using a screwdriver to pound in a nail, don't use SPF for things it wasn't designed to do. -- Randomly Selected Tagline: "I love every living creature." -Leela "Even me?" -Fry "As a friend." -Leela
pgpdRT1mvmg4Y.pgp
Description: PGP signature
