[Dshield] Are you using spf records?
martin at forest.gen.nz
Thu Jan 5 06:40:57 GMT 2006
Happy new year to all of you.
I have done some minor research with SPF records. It is nice to see that
several of the big domains such as hotmail, msn, aol etc have started to
use SPF records. Especially as they are often used in forged emails. With
them posting spf, it is now possible to block the spam bots that use
their "from addresses".
How many of you have spf records on your domains?
Thouse of you that don't have it, are you planning on it?
How many of you are using spf as part of your spam filtering?
I've done dns sniffing and can see more and more lookups for txt/spf
records for the emails.
One interesting thing I've noticed is that several of the big banks in
APAC, that constantly experience phishing attacks, don't have SPF records!
Funny, with SPF records, any ISP/organization that look at spf records
would be able to reject the phishing attacks. Maybe it is "to hard work"
for them as they would only save several milion dollars per year...
Ps. If there is anyone on the list that don't know what spf is, have a
look at http://www.openspf.org
If you take copy protection too far, the only customers you will have are
the ones that intend to sell illegal copies of your work. By: Martin Forest
Warning: DRM/BMG protected CD’s are likely to infect you with a Rootkit.
More information about the list