On Mon, 4 Apr 2005, Dean Anderson wrote: > > Err, not likely. SPF came out, and now bots can find the ISPs "closed > relays" with very little trouble at all.
AFAIK bots use the MX of a parent domain of the infected machine's hostname to find an outgoing relay, not SPF. This is based on an incident I dealt with in September, and the Spamhaus article http://www.spamhaus.org/news.lasso?article=158 Fortunately it isn't too hard to lock down MXs to incoming only. Tony. -- f.a.n.finch <[EMAIL PROTECTED]> http://dotat.at/ BISCAY: WEST 5 OR 6 BECOMING VARIABLE 3 OR 4. SHOWERS AT FIRST. MODERATE OR GOOD.