Am 10.01.2012 04:32, schrieb Noel Jones: >> in this case this is NOT legit mail, sites implementing this >> way have to be rejected - a "greeting ecard" where you can >> enter a e-mail-address which will be used as ENVELOPE sender >> is badly broken > >> any web-application using a foreign ENVELOPE sender is badly >> broken > > I don't disagree that this is badly broken; nonetheless it's still > in use.
and nobody will fi it as long enough accept it > Unless one is in the enviable position to dictate and > enforce policy with regardless of > customer/user/management/owner/whatever input -- my way or the > highway as they say -- this and all other anti-spam techniques > need to be considered in a local cost vs. benefit. Anti-spam is > never one-size-fits-all. that is right, but broken things should not be supported > I dropped this rule when I realized that virtually all the spam > would still be rejected by other rules, leaving this rule to only > hit the occasional false-positive. Not many, but enough to cause > some complaints. Disabling it did not lead to a flood of spam > entering the system. from the moment on where you set SPF records you should NEVER accept forged senders because it is real bad practice set a sign for all others that foreign senders can be rejected and then accept them on the authoritative one > I gently remind you that just because something is broken doesn't > mean it can't or shouldn't be accepted. your opinion in my opinion broken things which can be easily fixed and where anybody can explain why exactly they are broken MUST NOT be aceepted, reason below > Just because something works great for you doesn't mean > it's appropriate for everyone well, and as long way too much people tolerate broken things the real big problems will still remain would every server out there REJECT any forged messages resulting in all people using their smtp matching to the address from which they send and most domains implement SPF it would be MUCH easier for all it would result that not so many poor educated people are setting up mailservers with broken configs/dns-records/ptr and then start complain at me because i reject their crap simply because nearly all would reject their crap corrently the most complaints are coming to administrators which are doing their work because to many are doing not with the excuse "but it works"
signature.asc
Description: OpenPGP digital signature
