Author: W B Hacker Date: To: exim users Subject: Re: [exim] SPF Feature - Walk Received header
Marc Perkel wrote: > *trimming this - it has gotten overlong...
(Peter Bowyer) >>> Granted that a spammer could forge received headers. Most don't.
>>>
>> Eh? Have you looked at many spam samples lately? Or in the last 10 years?
>>
>>
>>> I'm
>>> thinking that not bouncing forwarded email is better than the few spammers
>>> who sneak through.
>>>
>> Not spammers - forgers. Providing a way to defeat an anti-forgery
>> mechanism wouldn't be my choice. But hey, if that's what you want....
>>
>>
>>
>
> I'm thinking that forgers would be less of a problem that false
> positives produced by forwarded email. I'm more concerned about false
> positives which are far more common under SPF.
Marc,
bass-ackwards logic. spf was intended to aid in reducing forgery, and -
regardless of claims, cannot do that perfectly anyway.
You can 'compromise' the utility of some other tool, but further
compromising spf forgery-reduction capability is worse than simply
ceasing to look at it at all.
Grind the sharp-edge flat on an axe and go pound nails with it.
Or sand.
Either way, it makes a poor hammer. The balance is all wrong.