[TriLUG] Another seal broken... thinking of installing a C/R anti-spam system
Brad Jorsch
anomie at users.sourceforge.net
Sun Jan 28 16:51:55 EST 2007
[Hi Everybody!]
On Sun, Jan 28, 2007 at 12:12:50AM -0500, Tanner Lovelace wrote:
>
> There are, however, two problems I see with [SMTP-Auth + something like SPF]
>
> 1. Forwarding domains.
Seconded. Every address I use is a forwarder, which made it really easy
to move from Bellsouth to RR recently: just change the forwarders.
SPF defines 'SRS' to rewrite the sender address to get around this
problem, however every forwarder would have to do SRS for it to solve
the problem. And it would not work with this Auth+SPF scheme: Is
SRS0+yf09=Cw=microsoft.com=billg at spammer.example.com really a forwarded
message from a software giant with monopolistic tendancies, or is it a
fake? Even if mx.spammer.example.com claims it received the 'forward'
with proper auth?
I can't think of any way to authenticate the "Mail From" address without
either (1) breaking forwarding, (2) requiring all mail servers implement
something, or (3) requiring sender verify callouts of some sort. And
even if we did find some solution, it wouldn't "cripple spammers" for
the same reasons I mention below.
Also, to add to the list of problems with Auth+SPF as an anti-*spam*
solution:
3. It does nothing about mail sent from spammer domains, or spammer
accounts.
4. It does nothing about zombies who send using the compromised
machine's credentials and smarthost, although it does give the smarthost
a chance to see what's going on and more incentive to do something about
it.
More information about the TriLUG
mailing list