Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?

Inizio della pagina
Delete this message
Reply to this message
Autore: Suresh Ramasubramanian
Data:  
To: J Yunke
CC: exim-users
Oggetto: Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?
J Yunke writes on 3/22/2004 1:59 AM:

> #1. Forwards breaking sucks and will result in added effort by all and
> even increased support calls.
>
> #2. Spammers can just register throw-away domains, publish SPF/Caller-ID
> records, and everyone's happy.
>
> #3. SPF is not perfect. Caller ID is not perfect. DomainKeys is not
> perfect.


It is not perfect, but it does have its applications - such as in large
domains like aol / mail.com / hotmail, where the client (webmail or
desktop) is under the provider's control, and the major problem is spam
spoofing that domain, sent from sources around the world.

We currently look for spoofed aol spam using a lot of ugly hacks which
work - but may well work only within our system, and aren't foolproof.
Like, if we get aol mail from a host that doesn't have rDNS, or has
generic / dialup type rDNS (host-25-35-42.225.cablemodem.provider.com)
then we reject the email. HELO aol.com is accepted as valid if and only
if issued by a host with aol.com rDNS. etc ..

AOL publishing spf records means that we know where aol mail will
actually originate from, and can check for that as well without keeping
track of their IP space and / or rDNS patterns.

    srs