
SPF, Domain Keys, and the like

Posted Jun 24, 2004 15:13 UTC (Thu) by ayeomans (subscriber, #1848)
Parent article: Large ISPs ponder spam

Be careful of what you ask for. We can already authenticate mail senders using S/MIME, PGP or GPG. All that SPF and the like do is authenticate email postmarks. So if this became commonplace, the response of the spammers is simply to stop forging sender addresses and run their own domain, with completely legitimate SPF markers, all in some TLD that allows them to do so.

Result - very little difference in spam volume. Maybe you could filter by the domains used - but these will also come and go rapidly.

I suggest you follow the money with SPF/etc - a few years downstream, you will need to pay someone to get your sent mail approved, either for an SPF/etc signature from your ISP or for your own domain. It's like paying someone to throw away all your mail unless it was posted in the mailbox you paid to use.



SPF, Domain Keys, and the like

Posted Jun 24, 2004 16:11 UTC (Thu) by kitterma (subscriber, #4448)

If the spammers stop forging, then at least we have a better idea where to go and find them. It's a step in the right direction.

With SPF all I have to do is publish a TXT record for my domain. All that takes is a DNS or DNS services provider that will support TXT records. Not hard to find, not very expensive.

With SPF I have a way to try to protect my domain name. At least I can tell other organizations what MTAs are permitted to send e-mail for my domain. I can stop spam just fine with filtering. Spam isn't really much of a problem for me. What I want to stop is spammers forging my domain name.

If they stop forging, that's a good chunk of the battle.

Of course, one of the beauties of SPF is it's optional. If you don't like it, don't use it.

SPF, Domain Keys, and the like

Posted Jun 26, 2004 8:39 UTC (Sat) by shane (subscriber, #3335)

IIRC, some employees of the large ISPs pushing SPF-style authentication actually envision a "flag day" after which all domains must authenticate their mail relays.

I'm actually not really opposed to it, considering it is a small piece of setting up a mail infrastructure. I don't know if there will be a "critical mass" to force a conversion, but it'll be interesting to see - the IETF, for one, used to consider flag days a thing of the past on the Internet.

SPF, Domain Keys, and the like

Posted Jul 1, 2004 8:57 UTC (Thu) by job (guest, #670)

That is not true!

What's in their "From" address is completely uninteresting. Not only does
this not tell us anything about the spammers' whereabouts, it is also
very easy for spammers to create disposable addresses to evade
blacklists. Some people used to blacklist the "From" addresses but it
was a very bad idea and nobody does it anymore.

The source IP, on the other hand, is VERY interesting. Just "whois" the
IP and phone or mail the guy to stop (in practice, you mail his/her ISP
to shut them out). There are even services that can do this very easily for
you with a friendly web interface, like http://spamcop.net/ .

Adding SPF to that accomplishes ONLY that you can delete false bounces,
_nothing else_.

SPF, Domain Keys, and the like

Posted Jul 1, 2004 12:27 UTC (Thu) by kitterma (subscriber, #4448)

Today you are right. All blacklists work on the basis of the IP address because the From: (and other) addresses are virtually always forged.

I published an SPF record to try to protect my domain name from accusations of spamming. I'm not there yet as today publishing a -all record is a challenge, but the technology is in its infancy. I'll get there.

SPF is primarily about making forgery more difficult (including phishing). As far as spam goes there are only 3 possibilities:

SPF fail: It's a forgery - do not accept during SMTP session
SPF unknown: Don't know - keep on processing like there is no SPF
SPF pass: It's not a forgery, so now I know this is a spamming domain.

Yes, domain based blacklisting hasn't worked in the past because of forgery. SPF makes domain based blacklisting possible. Yes, spammers will get throwaway domains, but this does raise the transaction costs.

SPF isn't envisioned as a final solution to spam. It is a step.
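
The three-way handling listed in the comment above (fail, unknown, pass), as an added example that is not part of the original thread. It evaluates only the `ip4`, `ip6` and `all` mechanisms offline; the domains, records, blacklist and decision names are constructed, and grouping softfail and neutral with "unknown" is an assumption of this sketch.

```python
import ipaddress

# Constructed sample data: domains, records and addresses are illustrative only.
SPF_RECORDS = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 ip6:2001:db8::/32 -all",
    "throwaway.example": "v=spf1 ip4:198.51.100.7 -all",
    "partial.example": "v=spf1 ip4:203.0.113.5 ?all",
}
DOMAIN_BLACKLIST = {"throwaway.example"}  # hypothetical local domain blacklist
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain, client_ip, records=SPF_RECORDS):
    """Evaluate the ip4/ip6/all subset of SPF; anything else gives 'unknown'."""
    terms = records.get(domain, "").split()
    if not terms or terms[0].lower() != "v=spf1":
        return "unknown"                      # no SPF policy published
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"                       # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "unknown"              # malformed network in the record
            matched = ip.version == net.version and ip in net
        else:
            return "unknown"                  # a, mx, include... need DNS lookups
        if matched:
            return QUALIFIERS[qualifier]
    return "neutral"                          # nothing matched and no "all" term


def smtp_decision(domain, client_ip):
    """Map the SPF result onto the three cases from the comment."""
    result = check_spf(domain, client_ip)
    if result == "fail":                      # forgery: refuse in the SMTP session
        return "reject"
    if result == "pass":                      # not forged: domain reputation applies
        return "reject-listed-domain" if domain in DOMAIN_BLACKLIST else "accept"
    return "continue"                         # unknown: process as if no SPF existed
```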

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds