It appears that Barry Leiba  <barryle...@computer.org> said:
>-=-=-=-=-=-
>
>A paper was presented this morning at NDSS about the state of SPF, which is
>worth a read by this group:
>
>https://www.ndss-symposium.org/ndss-paper/breakspf-how-shared-infrastructures-magnify-spf-vulnerabilities-across-the-internet/

I was particuarly interested in all the ways they found to route their
spam, e.g. through CDN web proxies.  And it was impressive that you can embed 
the
SMTP transaction inside an HTTP message and a lot of MTAs will just ignore all
the HTTP junk and accept the mail.

Postfix recognizes http commands like GET, POST, and CONNECT and disconnects 
immediately.

R's,
John

_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc

Reply via email to