[Pymilter] SPF effectiveness

Stuart D. Gathman stuart at bmsi.com
Fri Apr 23 18:01:37 EDT 2004


On Fri, 23 Apr 2004, Eric S. Johansson wrote:

> As for SPF increasing accuracy I'm glad it is working for you but, I 
> have one customer that is not using SPF because too many of the mailing 
> lists and forwarding services were being inappropriately marked.  I have 
> my doubts about SPF's long-term viability given that some of the bigger 
> spammers are already creating SPF records for their zombie owned 
> machines.  On the other hand, I know there are people that have doubts 
> about what I'm doing.  :-)

It is fine for spammers to create SPF records.  That just makes their domain
a highly significant token for Bayesian filtering - or else easily blacklisted
with a RHSBL.  Preventing forgery is even good for the semi-legit spammers
(i.e. not a scam - they actually deliver a product) that strange people
actually buy from.  If I can easily block their pitch before SMTP DATA, their
broadcasting is annoying but livable.  The semi-legit spammers are suffering
from the scammers - who have much more reason to forge their mail headers.

SPF stops forging of the envelope sender - nothing else.  (The Yahoo scheme
prevents forging of From: and related headers.)  While rejecting
forged senders gets rid of a lot of spam now, the goal for the future is
to have *no* spam with forged headers because all spammers will have SPF
records.  SMTP envelope level spam blocking will all be by domain
name blacklists and there will still be content filtering since it is
relatively cheap for sleazier spammers to keep buying new domain names.

Furthermore, since getting a domain name (as opposed to forging someone
else's) requires registering with a domain registrar, it will be easier
to track down the truly criminal spammers.

SPF, like all truly useful spam tools, is not a silver bullet.  It simply
enforces accountability for domain holders.

-- 
	      Stuart D. Gathman <stuart at bmsi.com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
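
The envelope-level decision described in the message above, as an added example that is not part of the original post and is not pymilter code. The SPF records, the RHSBL contents, the addresses and the function names are constructed for illustration, and only the ip4 and all mechanisms of SPF are evaluated.

```python
import ipaddress

# Constructed sample data; a real filter would get both from DNS lookups.
SPF_RECORDS = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 -all",
    "bulk-offers.example": "v=spf1 ip4:198.51.100.7 -all",
}
RHSBL = {"bulk-offers.example"}  # right-hand-side (domain name) blacklist

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def spf_check(domain, client_ip):
    """Evaluate the ip4: and all mechanisms of the domain's record."""
    record = SPF_RECORDS.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier means pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:"):
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
    return "neutral"


def envelope_decision(mail_from, client_ip):
    """Decide at MAIL FROM, before SMTP DATA; returns (action, reason)."""
    domain = mail_from.rsplit("@", 1)[-1].lower()
    result = spf_check(domain, client_ip)
    if result == "fail":
        # The domain holder says this host may not use the name: forged.
        return ("reject", "fail")
    if result == "pass" and domain in RHSBL:
        # The sender is who it claims to be, and that name is blacklisted.
        return ("reject", "pass+rhsbl")
    # Anything else goes on to content filtering, tagged with the result.
    return ("continue", result)


if __name__ == "__main__":
    for sender, ip in [("alice@example.org", "192.0.2.25"),
                       ("alice@example.org", "203.0.113.9"),
                       ("deals@bulk-offers.example", "198.51.100.7")]:
        print(sender, ip, envelope_decision(sender, ip))
```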
