SV: [DShield] SPF is fundamentally flawed

Johan Strand Johan.Strand at frontend.se
Thu Feb 19 08:32:42 GMT 2004


> -----Ursprungligt meddelande-----
> Från: Erik van Straten [mailto:emvs.dsh.3FB4CC72 at cpo.tn.tudelft.nl]
> Skickat: den 19 februari 2004 01:04
> Till: list at dshield.org
> Kopia: abuse at aol.com
> Ämne: Re: [DShield] SPF is fundamentally flawed
> 
> John,
> 
> However, the second example in my former post in this thread points out
> that all SMTP traffic sent by "forceably proxied" AOL customer IP's does
> include spam. *SPF* will not block those spams if the AOL PC says:
> 	MAIL FROM: <irrelevant at aol.com>
> or perhaps:
> 	MAIL FROM: <AnyExistingAOLCustomer at aol.com>
> to proxy.aol.com, and proxy says the same to the final recipient MTA.
> 
No, of course not! SPF only stops any other sender from claiming to be an AOL sender and circumventing my domain filter. SPF does not stop a domain from sending spam, but makes it easier to filter by domain since it is harder to forge the sending domain.
How could that be a flaw in SPF? It does exactly what it was designed to do.

/Johan





More information about the list mailing list