Autor: Dean Brooks Data: Para: exim-users Asunto: Re: [exim] support for domainkeys
On Thu, Sep 23, 2004 at 10:35:41AM -0400, Walt Reed wrote:
> I think people get confused about SPF / Sender-ID in regards to spam.
>
> SPF will not stop spam. Spammers even use SPF now. SPF's main utility
> is to reduce collateral spam/damage from malware or joejobs. It will not
> eliminate it unless there is a 100% adoption rate (fat chance of that
> happening.)
I'm glad you posted this. I've been sitting on the sidelines totally
confused why everyone is so interested in SPF. It seems to be of
absolutely no use other than to deal with spam zombies/proxies, and
even then, it won't be possible for us to really be strict on its
implementation until there is close to 100% adoption.
As a regional ISP, we've published SPF records for our domain, but I'm
still at a loss as to why all this effort has been put into something
that is going to have such little impact on the original problem.
In my opinion, all this time invested in SPF is foolish, as eventually
some sort of public key system (with authorizing cert registrars) is
going to be necessary. Any fool can buy a domain and add an SPF record,
but it's another thing altogether to require them to purchase an SSL
cert for the purpose of handling server-to-server email communications.
Plus it gives the ability for certifications to be revoked and/or
scrutinized for validity.