Autor: J Yunke Data: A: Suresh Ramasubramanian CC: exim-users Assumpte: Re: [Exim] Fixing SPF Forward Problem by Reply-to: Hack?
> AOL publishing spf records means that we know where aol mail will > actually originate from, and can check for that as well without keeping
> track of their IP space and / or rDNS patterns.
So, playing devil's advocate, why wouldn't a company or organization that
does business with the general public, NOT want to use a mechanism like
SPF? Are you saying I'm not as big or important as AOL, and that I
shouldn't care about my reputation? :)
Another case in point -- I received many bounces back from servers that
rejected a virus sent from my @productivity.org account. Looking at the
headers, it was obvious it didn't originate from my servers. Since I'm
likely in several address books of friend/family/colleagues and on mailing
lists, I was used in an address-book from/to attack common with many
e-mail-borne virii.
If the receipient servers implemented SPF, they'd know it didn't likely
come from the servers of my domain. This could potentially reduce, in the
least case, annoyance, and in the worst case, potential legal action from
a technologically ignorant yet resourceful organization.
