| |||||||||||||
|
| |||||||||||||
Solution: Sender Policy FrameworkSolution: Sender Policy FrameworkPosted May 6, 2004 11:39 UTC (Thu) by copsewood (subscriber, #199)Parent article: 82% of email is spam Some very good work is advancing quickly on DNS technology to enable domain owners to publish details of which addresses legitimate mail from their domains is allowed to come from. When enough people implement SMTP + SPF this is likely to make senders more accountable for what they send. Check out the SPF site for details. Any domain owner who can publish TXT records can help move adoption further and reduce the likelyhood that spammers will forge mail envelopes using their domain by publishing SPF records stating where you send your mail from. This isn't a complete solution by any means, but it is likely to be a neccessary step in making a complete solution possible which doesn't break too many things worth keeping.
(Log in to post comments)
Solution: Sender Policy Framework Posted May 6, 2004 12:07 UTC (Thu) by hingo (guest, #14792) [Link] One thing I've always wondered about SPF is this. When more people start using it, isn't it then just as easy for the spammers to make their worms such, that they check the DNS record to learn what SMTP server they should use and then send their mail through that server. The server has no chance to realise that it is not the user of the computer sending normal email.Of course, if we have SPF, then we could start adding other things to SMTP, like the server requiring a password before accepting mail. In combination these kinds of techniques might do it.
Solution: Sender Policy Framework Posted May 6, 2004 16:28 UTC (Thu) by Ross (subscriber, #4065) [Link] Maybe. It depends on what type of authentication the server requires.Assuming the worst case, no authentication, it would still be an inprovement because the messages would really be from the domain they appear to be from. This makes it easier to contact admins, implement filters, etc.
|
|
||||||||||||