Hosting Provided By

Re: SPF-Compliant Spam

From: mouss <mouss(at)netoyen.net>
Date: Mon Aug 27 2007 - 12:52:04 EDT

Jason Bertoch wrote:
> I think it's safe to say I'm not in the minority when I receive SPF-Compliant
> spam. I'm looking for opinions on what we can honestly derive from such
> messages regarding the sending server's IP and the sending address' domain name.
> Is it wise to blacklist both, or is this yet another case where SPF has failed
> to meet projections?
>

Spamers were among the first to jump into the SPF waggon.

The following is Table 3 from "Sender reputation In a Large Webmail Service"

http://www.ceas.cc/2006/19.pdf

Table 3: Authentication Breakdown: Spam Method Frequency Both SPF and DomainKeys 1.5% SPF only 39% DomainKeys only 0.5% Not authenticated 59%

SPF helps detecting forgeries of honest domains that have configured "limited" SPF records. nothing more. Received on Mon Aug 27 12:53:21 2007

This message: [ Message body ]
Next message: Per Jessen: "Re: SPF-Compliant Spam"
Previous message: Justin Mason: "Re: where'd SendmailID.pm go?"
In reply to: Jason Bertoch: "SPF-Compliant Spam"
Next in thread: Graham Murray: "Re: SPF-Compliant Spam"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Thu Oct 25 2007 - 22:21:59 EDT