On Monday, August 27, 2007 9:27 AM Magnus Holmgren wrote: > For spammers to be able to send SPF-authenticated spam using botnets, > they usually have to authorize ridiculously large address blocks, for > example with "+all" or "+a:0.0.0.0/2 +a:64.0.0.0/2 +a:128.0.0.0/2 > +a:192.0.0.0/2", so it's possible to check for that.
Has anyone verified that spammers are actually doing this yet, and how common it is? If so, it sounds like a good rule to add to the SPF protocol itself to save every implementation from having to check on their own. Jason A. Bertoch Network Administrator [EMAIL PROTECTED] ElectroNet Intermedia Consulting 3411 Capital Medical Blvd. Tallahassee, FL 32308 (V) 850.222.0229 (F) 850.222.8771
