Re: [exim] SPF Feature - Walk Received header

Top Page
Delete this message
Reply to this message
Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] SPF Feature - Walk Received header
Marc Perkel wrote:
>

*trimming this - it has gotten overlong...

(Peter Bowyer)
>>> Granted that a spammer could forge received headers. Most don't.
>>>
>> Eh? Have you looked at many spam samples lately? Or in the last 10 years?
>>
>>
>>> I'm
>>> thinking that not bouncing forwarded email is better than the few spammers
>>> who sneak through.
>>>
>> Not spammers - forgers. Providing a way to defeat an anti-forgery
>> mechanism wouldn't be my choice. But hey, if that's what you want....
>>
>>
>>
>
> I'm thinking that forgers would be less of a problem that false
> positives produced by forwarded email. I'm more concerned about false
> positives which are far more common under SPF.


Marc,

bass-ackwards logic. spf was intended to aid in reducing forgery, and -
regardless of claims, cannot do that perfectly anyway.

You can 'compromise' the utility of some other tool, but further
compromising spf forgery-reduction capability is worse than simply
ceasing to look at it at all.

Grind the sharp-edge flat on an axe and go pound nails with it.

Or sand.

Either way, it makes a poor hammer. The balance is all wrong.

Bill