Reject or tag email signed with @mydomain.com

Julian Field MailScanner at ecs.soton.ac.uk
Wed Jul 13 20:29:32 IST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Matt Kettler wrote:

>Julian Field wrote:
>
>  
>
>>I have seen claims that the only people who have really adopted SPF so 
>>far are the spammers themselves.
>>
>>    
>>
>
>So far both spammers and those who understand SPF have adopted it. I have, AOL
>has, even jiscmail.ac.uk has adopted it.. (dig txt jiscmail.ac.uk)
>
>Lots of nonspammers have SPF records in use.
>
> Those who don't understand SPF claim it's useless because they expect it to be
>an anti-spam technology and realize that spammers can easily create their own
>SPF records... But that whole argument is invalid as SPF isn't an anti-spam
>technology per-se.
>
>Passing SPF isn't a good indicator of nonspam. It's forgable, and we all know
>it. It's failing SPF that's useful, as it will eventualy force spammers and
>worms to stop forging their domains, making them easier to track.
>  
>
Agreed. I have users in my department who post messages claiming to be 
from their ecs.soton.ac.uk account, using SMTP servers all over the 
place, as we have had people using mail long before SMTP AUTH came 
along. Getting them to all use authenticated SMTP and our SMTP servers 
isn't really practical, especially with the emergence of networks who 
trap all outgoing SMTP connections and divert them to their own servers.

The result is that we can't publish a useful SPF record. At least I 
don't think we can.
Is there a way of publishing an SPF record that says nothing useful? :-)

- -- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store
Professional Support Services at www.MailScanner.biz
MailScanner thanks transtec Computers for their support

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.1 (Build 2185)

iQA/AwUBQtVrnRH2WUcUFbZUEQL15wCgnZ4DFnxqszdQVt7RYKYwNwiJtDsAoM/e
8pYkh60huH+QH5zY7lLRAY89
=slju
-----END PGP SIGNATURE-----

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

More information about the MailScanner mailing list