On Mon, Jun 16, 2008 at 11:55:05AM +1000, Daniel Pittman wrote: > I think you think SPF is protecting something other than what it is. > > SPF is designed to make sure that you have somewhere *real* to associate > the MAIL FROM part of the SMTP transaction with, and to verify that this > is correct with regard the declared domain outbound SMTP server > information.
In my opinion SPF pretty much protects you from one thing, joe-job attacks. ie bounces where someone else has used your domain as the from address. Anyone that has had this happen to them knows that it can turn into thousands of emails in your mailbox in a very short period of time. Unfortunately like most of the proposed SPAM solutions of this nature they are only really useful if everyone is doing it. Which reminds me I should go set it up :) -- John http://www.inodes.org/ -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
