> -----Original Message----- > From: Marc Perkel [mailto:[EMAIL PROTECTED] > Sent: Monday, August 27, 2007 5:29 PM > To: Meng Weng Wong > Cc: Kelson; users@spamassassin.apache.org > Subject: Re: SPF-Compliant Spam > > > > Meng Weng Wong wrote: > > On Aug 27, 2007, at 11:39 AM, Kelson wrote: > > > >> Jason Bertoch wrote: > >>> Is it wise to blacklist both, or is this yet another > case where SPF > >>> has failed > >>> to meet projections? > >> > >> It's a case where the spammer has just handed you useful > information: > >> You know for sure that the domain name is, indeed, the spammer's > >> domain name, and not an innocent third-party's. > Blacklist it without > >> hesitation! > >> > > > > Yes, that usage was exactly the design intent of SPF. > > > > Once you move from IP to domain reputation, you can do many > > interesting things. > > > > For example, you can go from the known-bad domain to its > nameservers. > > > > You can then go from those nameservers to detect other bad domains. > > > > The URIBL plugin associates URL -> domain -> IP -> > reputation lookup. > > > > I am writing a similar plugin that associates domain -> NS -> > > reputation lookup. > > > > > > Meng - you are doing the email community a huge disservice > with SPF. I > wish you'd just end this lie because SPF is less than > useless. I breaks > existing forwarding standards and it causes false positives. > SPF DOESN'T > WORK! > >
A lamp doesn't work either, until you plug it in. Use it correctly and it works, don't and it doesn't Rick -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
