>> Return-Path: <[EMAIL PROTECTED]> >> X-Sieve: CMU Sieve 2.2 >> X-Spam-Status: No, score=-2.3 required=5.0 tests=AWL,BAYES_00, >> FORGED_RCVD_HELO autolearn=ham version=3.1.4 >> X-Spam-Checker-Version: SpamAssassin 3.1.4 (2006-07-25) on amadeus3.local >> X-Spam-Level: >> DomainKey-Status: no signature >> X-Sieve: CMU Sieve 2.2 >> Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm >> Precedence: bulk >> list-help: <mailto:[EMAIL PROTECTED]> >> list-unsubscribe: <mailto:[EMAIL PROTECTED]> >> List-Post: <mailto:users@spamassassin.apache.org> >> List-Id: <users.spamassassin.apache.org> >> Delivered-To: mailing list users@spamassassin.apache.org >> X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests= >> Subject: Re: Earthlink emails >> From: Ramprasad <[EMAIL PROTECTED]> >> To: Loren Wilton <[EMAIL PROTECTED]> >> Cc: spamassassin-users <users@spamassassin.apache.org> >> In-Reply-To: <[EMAIL PROTECTED]> >> References: <[EMAIL PROTECTED]> >> <[EMAIL PROTECTED]> >> <[EMAIL PROTECTED]> >> <[EMAIL PROTECTED]> >> Content-Type: text/plain >> Date: Fri, 29 Sep 2006 11:43:48 +0530 >> Mime-Version: 1.0 >> X-Mailer: Evolution 2.0.4 (2.0.4-7) >> Content-Transfer-Encoding: 7bit >> X-SMTP3-MailScanner-Information: Please contact the ISP for more information >> X-MailScanner-From: [EMAIL PROTECTED] >> X-TOI-SPAM: u;0;2006-09-29T06:14:29Z >> X-TOI-VIRUSSCAN: unchecked >> X-TOI-MSGID: eaf52ea5-4598-4c0e-bbec-9b2da8e90a41 >> X-Seen: false >> X-ENVELOPE-TO: <[EMAIL PROTECTED]> >> >> On Thu, 2006-09-28 at 11:05 -0700, Loren Wilton wrote: >> > > Apparently they have removed SPF records after publishing them once. >> > > Thats a stupid idea IMHO. Today I am forced to TEMP FAIL earthlink ids >> > > whenever there is a spam attack on my servers >> > >> > SPF can be a pain for a number of reasons that have been discussed >> > endlessly. I suspect Dirtlink found them to be effectively useless. >> > >> > Why not try using domainkeys instead? >> > >> > DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; >> > s=dk20050327; d=earthlink.net; >> > b=FB4IOaniCvpDwkx5cYm2jFWe8LB9zRfxL9FHzbhv1JHyGSVrA0o4mttb3jjbU4C3; >> > >> > h=Message-ID:Date:From:Reply-To:To:Subject:Cc:Mime-Version:Content-Type:Content-Transfer-Encoding:X-Mailer:X-ELNK-Trace:X-Originating-IP; >> > >> > Loren >> >> Darn, >> I dont want to again get into SPF debates. >> >> Assume I am using domain keys and catching all spams forged from >> earthlink , still I am scanning the mails. >> >> Anyway that is already happening today. SA is catching spams from >> earthlink( forged ?) but when you scan a huge number of mails you would >> like to be able to reject forged mails straight after "mail from:". >> That is what SPF lets you do and that works. >> >> No wonder a lot of spammers have stopped forging hotmail or msn >> because most of those mails dont even get thru the MTA. And a majority >> of the forged spams I still get is from earthlink or yahoo. >> >> Thanks >> Ram >> >> >> Hi,
well - you could set up your MTA to verify domainkeys and reject. However, there are a lot of mails around that could cause rejection altnhough they are valid .... mail resent by something (e.g. a mailing list) but keeping the domain keys / not adding a "sender" header Wolfgang Hamann
