hi juerg
sorry to say, but it seems you don't know all the advantages/disadvantages of SPF. SPF validates the domain of the mail envelope "return-path". this will lead spammers to use on-time-domains (register skdlfjasldfj24829402.com for that) ;-)
at the moment you can only use SPF to verificate, that this user is really allowed to send email/spam/whatever and therefore you just say: ok, it's not spam. so, just use SPF as a additional criteria to your probably spamassassin based spam filter, or do you really deny mails on SPF values?
another problem are relayed domains or domains, which are forwarded. the SPF entry will be false for that one.
then, how do you solve customers, which use abroad email servers to send their emails? (e.g. customer in germany, uses t-online.de mailerver and yes, i know that ther is a solution called SMTP AUTH - tell this to the customer ,-)) and i'm sure you can fake the headers that you will not use SPF to validate those headers.
so, in conclusion it's just a thing that takes the spammer some weeks/days/hours to implement a new solution and start again throwing tons of mails out to the big dark space called internet ;-)
just my 2 cents
-steven
oh, at least you implemented it ;-)
-su-2.05b# host -t TXT jworld.ch jworld.ch descriptive text "v=spf1 ip4:66.150.163.128/26 ip4:82.195.224.240 ~all"
-----Original Message----- From: swinog-bounces@lists.swinog.ch [mailto:swinog-bounces@lists.swinog.ch]On Behalf Of Juerg Reimann Sent: Wednesday, May 18, 2005 4:01 PM To: swinog@swinog.ch Subject: [swinog] SPF implementation
To whom it may concern...
I've run a little test whether Swiss ISPs use SPF or not and it turned out that very few have actually implemented it (actually, I found not a single one). Is there a reason for that? It's a very simple implementation and it could prevent a lot of damage like the most recent one after Sober.Q.
I would suggest ISPs should implement SPF quickly and talk to their customers about it. (See http://spf.pobox.com/ for further information.)
Regards, Juerg Reimann
-- jradio.ch St. Jakobstrasse 39 CH-8004 Zürich +41 43 544 07 70
business card: http://jradio.ch/contact/ security keys: http://jradio.ch/pubkeys/
swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog