[unisog] Numeric SPAM

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Tue Jun 6 15:43:06 GMT 2006

On Tue, 06 Jun 2006 11:23:39 EDT, Micheal Cottingham said:
> For my personal servers I use SPF, so I'll probably not see any of
> these.

SPF will only block it if the spammer is using a purported From: that
actually has a published SPF value that ends with a -all hardfail.  Between
the 70% or more domains that don't publish an SPF, and the majority that
*do* publish but end it with a ~all softwail, SPF won't be making much of
a dent.

And that's probably SPF's biggest problem - you can't really *rely* on it
to stop forgeries until a vast majority of sites publish a hardfail SPF,
including *all* the 800pound gorillas.  AOL has a ?all, Hotmail and MSN
both show a ~all.  And so on.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20060606/b5d9b2c7/attachment.bin

More information about the unisog mailing list