SV: [DShield] SPF is fundamentally flawed
Johan.Strand at frontend.se
Thu Feb 19 08:32:42 GMT 2004
> -----Ursprungligt meddelande-----
> Från: Erik van Straten [mailto:emvs.dsh.3FB4CC72 at cpo.tn.tudelft.nl]
> Skickat: den 19 februari 2004 01:04
> Till: list at dshield.org
> Kopia: abuse at aol.com
> Ämne: Re: [DShield] SPF is fundamentally flawed
> However, the second example in my former post in this thread points out
> that all SMTP traffic sent by "forceably proxied" AOL customer IP's does
> include spam. *SPF* will not block those spams if the AOL PC says:
> MAIL FROM: <irrelevant at aol.com>
> or perhaps:
> MAIL FROM: <AnyExistingAOLCustomer at aol.com>
> to proxy.aol.com, and proxy says the same to the final recipient MTA.
No, of course not! SPF only stops any other sender from claiming to be an AOL sender and circumventing my domain filter. SPF does not stop a domain from sending spam, but makes it easier to filter by domain since it is harder to forge the sending domain.
How could that be a flaw in SPF? It does exactly what it was designed to do.
More information about the list