[Dshield] Are you using spf records?
brian at dessent.net
Thu Jan 5 15:38:06 GMT 2006
Martin Forest wrote:
> I have done some minor research with SPF records. It is nice to see that
> several of the big domains such as hotmail, msn, aol etc have started to
> use SPF records. Especially as they are often used in forged emails. With
> them posting spf, it is now possible to block the spam bots that use
> their "from addresses".
Uh, sorry I don't think so. All of those major sites you listed are
publishing Neutral (?all) or SoftFail (~all) records which really don't
do any good for rejecting spam. And the spammers can just use any of a
virtually unlimited number of domains in their from:'s, so it doesn't
matter. The only really useful SPF is (-all) and hardly anybody of
notable size uses it.
SPF is not a useful spam solution at all. It was a good idea, but it
will be another in a long line of things that were tried that really did
not do much. Perhaps the question you should be asking is why have some
sites like outblaze that have had SPF records for years recently removed
Please see my reply
More information about the list