> From: Graham Murray <[EMAIL PROTECTED]> > Date: Sun, 13 Apr 2008 11:08:03 +0100 > To: <users@spamassassin.apache.org> > Subject: Re: Returned mail spam > > mouss <[EMAIL PROTECTED]> writes: > >> ahuh? how would spf fix the problem if spam gets out from an >> authorized client (yahoo, google, hotmail, aol, ...). however you >> respond, you'll find out that such (ougoing) spam problem isn't fixed >> _by_ SPF. In particular, don't tell me "they will fix their outgoing >> spam". > > If you publish a suitable SPF record then you will not receive any > backscatter (which is the subject of this thread) from sites which > correctly implement SPF checking. Do not forget that SPF is not an > anti-spam too per-se but an anti-forgery one. Backscatter is one of the > problems which SPF fixes.
ONLY for those sites that implement SPF in a pre-queue type filter, and ONLY I you use -all record types. But then again, the sites that correctly implement SPF in a pre-queue type filter also probably implement recipient verification in a pre-queue filter and are not as likely to be the source of backscatter anyway. Yes, implement SPF records, it doesn't cost anything. Just make sure your users don't FWD their emails out, and that your marketing department has identified any any all companies that send email on your behalf. -- Michael Scheidell, CTO >|SECNAP Network Security Winner 2008 Network Products Guide Hot Companies FreeBSD SpamAssassin Ports maintainer _________________________________________________________________________ This email has been scanned and certified safe by SpammerTrap(tm). For Information please see http://www.spammertrap.com _________________________________________________________________________
