Hosting Provided By

Re: SPF-Compliant Spam

From: Bernd Petrovitsch <bernd(at)firmix.at>
Date: Mon Aug 27 2007 - 18:39:33 EDT

On Mon, 2007-08-27 at 14:58 -0700, Marc Perkel wrote: [...]
> Some of the flaws in SPF
> The flaws in SPF are numerous and severalfold.
>
> * SPF breaks pre-delivery forwarding.

BTW the trivial solution to this problem is that your customers simply add your mailservers to the SPF rercords.

> * SPF creates new categories of third class citizenship.
> * SPF doesn't actually address unsolicited bulk mail at all.

It was never designed for that. Alone this statement makes the whole page propaganda.

> SPF hijacks existing DNS mechanisms.
> Rather than creating a new DNS resource record type for the new data

There is a already new one.
The next propaganda statement.

[...]
> Ironically, the official SPF answer to the question of what SPF data
> to publish in these circumstances is, effectively, to not adopt SPF:
>
> > If you run a personal domain, you can either not publish SPF records
> > at all, or set up "v=spf1 +all" for your domain, and you'll be able
> > to send mail from your laptop no matter where you are.

So what?
This merely states that mail from that domain may come from every host in the world.
This doesn't apply to my domains and so it doesn't disturb me.

Do you need help?
In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related spamassassin.apache.org Links users Request more information about Pantek

Do I filter mail from a "v=spf1 +all" domain ? Well, perhaps, why not?
But perhaps someone with a to high number of outgoing mail servers (Does any ISP has 1K outgoing mailservers? Probably not.) gets only points for SA.

I purposely didn't comment on the "DNS" arguments - they apply to much more important services as well than "SPF". And no one cares there. So why would I care for supposedly spoofed DNS for SPF?

<sarcasm>
I also miss further reasons in the line and quality of: One could misconfigure with typos it so it *must* be a bad thing. </sarcasm>

It boils down to the question: Why do SPF-haters wants to support forged emails?

Bernd

-- 
Firmix Software GmbH                   
http://www.firmix.at/
mobil: +43 664 4416156                 fax: +43 1 7890849-55
          Embedded Linux Development and Services

Received on Mon Aug 27 18:40:24 2007

This message: [ Message body ]
Next message: Rick Cooper: "RE: SPF-Compliant Spam"
Previous message: Marc Perkel: "Re: Need a plugin written relating to black/white/yellow lists"
In reply to: Marc Perkel: "Re: SPF-Compliant Spam"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Fri Oct 26 2007 - 00:52:50 EDT