nanog mailing list archives
Re: Spammers Skirt IP Authentication Attempts
From: Paul Jakma <paul () clubi ie>
Date: Wed, 8 Sep 2004 11:54:32 +0100 (IST)
On Wed, 8 Sep 2004, David Cantrell wrote:
You forget, SPF doesn't just tell you who is authorised to speak on behalf of foobar.com, it also tells you who is *not* authorised.
That is sort of implied, yes.
If you get mail coming in from - eg - randomgibberish.comcast.net claiming to be from foobar.com, then you know that it's dodgy unless foobar.com's SPF record says that that cable modem address is authorised.
Except that, SPF records are as easy to setup for a spammer, as for you and I. If the above is a spammer, then SPF for foobar.com will list randomgibberish.comcast.net as an authorised sender.
SPF will absolutely not have any effect on spam.And I say this merely as a disciple of Vixie - he thought of a form of SPF /years/ ago, and he knew /years/ ago it wouldnt do anything for Spam. The only difference between Vixie's MAIL-FROM MX records and SPF is the snake-oil: Vixie was honest in his claims for what it could do, the hype around SPF is not.
regards, -- Paul Jakma paul () clubi ie paul () jakma org Key ID: 64A2FF6A Fortune: Reformatting Page. Wait...
Current thread:
- Re: Spammers Skirt IP Authentication Attempts, (continued)
- Re: Spammers Skirt IP Authentication Attempts Edward B. Dreger (Sep 06)
- Re: Spammers Skirt IP Authentication Attempts Tom (UnitedLayer) (Sep 06)
- Re: Spammers Skirt IP Authentication Attempts Paul Jakma (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Stephane Bortzmeyer (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Paul Jakma (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts J.D. Falk (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Tom (UnitedLayer) (Sep 06)
- Re: Spammers Skirt IP Authentication Attempts Paul Vixie (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Paul Jakma (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts J.D. Falk (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Douglas Otis (Sep 07)
- Re: Spammers Skirt IP Authentication Attempts Edward B. Dreger (Sep 06)
- Message not available
- Re: Spammers Skirt IP Authentication Attempts Paul Jakma (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts vijay gill (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Paul Jakma (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts vijay gill (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Stephen J. Wilcox (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Dan Mahoney, System Admin (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Ricardo "Rick" Gonzalez (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Dan Mahoney, System Admin (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Susan Harris (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Paul Vixie (Sep 08)
- Re: Spammers Skirt IP Authentication Attempts Douglas Otis (Sep 08)