On Sep 11, 2004, at 12:06 PM, Tom Meunier wrote:
If the spammer isn't authoritative for your domain, they can list everything in the universe as an MX record and it would never be checked. Unless the spammer owns tone of the three name servers that is authoritative for bubbanfriends.org, in which case they can do it.
Non-authoritative answer: bubbanfriends.org text =
"v=spf1 a mx -all"
bubbanfriends.org nameserver = ns.nanetworks.net bubbanfriends.org nameserver = ns1.nanetworks.net bubbanfriends.org nameserver = burgers.bubbanfriends.org
Exactly my point.
By the way, why are we discussing SPF on a SpamAssassin list? This stuff is all probably a FAQ over in SPF-ville.
Because someone was trying to use SPF as a blacklist in SA. An SPF fail should always be considered better than a blacklisted source, since its real time and the spammer won't know if you're using it or not.
I use SPF though at the MTA level so SPF fails never get to SA. But perhaps the lack of an SPF could be pointworthy in SA (or really the reverse... if there IS an SPF then there is a negative point). This could be helpful in reducing false positives.
Kindest regards,
Ron
"What shall we do? What shall we do?" he cried, "Escaping goblins to be caught by wolves!" - Bilbo Baggins
The Hobbit by J. R. R. Tolkein http://www.apple.com/trailers/newline/returnoftheking/trailer_large.html
