It appears that Barry Leiba <barryle...@computer.org> said: >-=-=-=-=-=- > >A paper was presented this morning at NDSS about the state of SPF, which is >worth a read by this group: > >https://www.ndss-symposium.org/ndss-paper/breakspf-how-shared-infrastructures-magnify-spf-vulnerabilities-across-the-internet/
I was particuarly interested in all the ways they found to route their spam, e.g. through CDN web proxies. And it was impressive that you can embed the SMTP transaction inside an HTTP message and a lot of MTAs will just ignore all the HTTP junk and accept the mail. Postfix recognizes http commands like GET, POST, and CONNECT and disconnects immediately. R's, John _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc