On 2/2/10 5:38 PM, "dar...@chaosreigns.com" <dar...@chaosreigns.com> wrote:

> On 02/02, Marc Perkel wrote:
>> Why would you want to catch domains without SPF as SPF has no
>> relationship to detecting spam?
> 
> SPF is entirely about spam.

Sorry, but SPF is entirely about ham.  We use SPF with vendors who want to
ensure that we receive their mail.  They must either provide a valid SPF
policy or use DKIM signing in order to be added to our whitelist.  It's
specified in all of the bid documentation.

> 
> http://www.openspf.org/Introduction
> 
> If everyone uses SPF, all we need to block all spam is these rules
> (SPF_NOT_PASS alone should do it), and a blacklist of domains that have
> SPF records including IPs that send spam.

Spammers will often create a rule like spf=v1 all.  That always matches, so
their mail is now SPF compliant.  Better to use it for personal
whitelisting, and as an anti-spoofing filter (if it doesn't match our SPF
policy, we didn't send it so it should be considered as SPAM).
 
> SPF is easy (there's a wizard http://www.openspf.org/, then you paste
> the results into the DNS TXT record for your domain).

Yes, we all know how to set up SPF.


-- 
Daniel J McDonald, CCIE # 2495, CISSP # 78281
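
The point argued in this reply, that an SPF pass only means something for domains you have vetted and is otherwise useful mainly as an anti-spoofing check on your own domain, sketched as an added example (not code from this thread or from any mail filter). The function names, verdict labels and example.* domains are hypothetical, and the record check covers only the `all` and /0 address-range cases.

```python
import ipaddress
import re

MODIFIER = re.compile(r"^[A-Za-z][A-Za-z0-9_.-]*=")  # e.g. redirect=, exp=

def passes_everyone(record):
    """True if the record authorizes (qualifier '+') every sending address.

    Simplification: narrower mechanisms listed before the catch-all are ignored.
    """
    tokens = record.split()
    if not tokens or tokens[0].lower() != "v=spf1":
        return False  # not an SPF record
    for tok in tokens[1:]:
        if MODIFIER.match(tok):
            continue  # modifiers are not mechanisms; not followed here
        # A mechanism without an explicit qualifier defaults to '+'.
        qualifier, mech = (tok[0], tok[1:]) if tok[0] in "+-~?" else ("+", tok)
        name, _, value = mech.partition(":")
        name = name.lower()
        if name == "all":
            return qualifier == "+"
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(value, strict=False)
            except ValueError:
                continue  # malformed range: cannot match everyone
            if net.prefixlen == 0:  # 0.0.0.0/0 or ::/0
                return qualifier == "+"
    return False  # no catch-all mechanism: default result is neutral

def spf_verdict(domain, spf_result, record, vetted, own):
    """Map an SPF result to a filtering decision for one message."""
    if domain in own and spf_result != "pass":
        return "spoof"      # claims our domain but fails our own policy
    if spf_result == "pass" and domain in vetted and not passes_everyone(record):
        return "whitelist"  # vetted vendor, and the pass is meaningful
    return "no-signal"      # a pass from anyone else is not evidence of ham

if __name__ == "__main__":
    # Constructed sample inputs.
    vetted, own = {"vendor.example"}, {"corp.example"}
    print(spf_verdict("bulk.example", "pass", "v=spf1 +all", vetted, own))
    print(spf_verdict("vendor.example", "pass",
                      "v=spf1 ip4:192.0.2.0/24 -all", vetted, own))
    print(spf_verdict("corp.example", "fail",
                      "v=spf1 ip4:198.51.100.0/24 -all", vetted, own))
```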
