[73914] in North American Network Operators' Group
Re: Spammers Skirt IP Authentication Attempts
daemon@ATHENA.MIT.EDU (vijay gill)
Wed Sep 8 07:04:01 2004
Date: Wed, 8 Sep 2004 11:02:53 +0000
From: vijay gill <vgill@vijaygill.com>
To: Paul Jakma <paul@clubi.ie>
Cc: David Cantrell <david@cantrell.org.uk>, nanog@merit.edu
In-Reply-To: <Pine.LNX.4.61.0409081148280.23011@fogarty.jakma.org>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Sep 08, 2004 at 11:54:32AM +0100, Paul Jakma wrote:
>
> Except that, SPF records are as easy to setup for a spammer, as for
> you and I. If the above is a spammer, then SPF for foobar.com will
> list randomgibberish.comcast.net as an authorised sender.
>
> SPF will absolutely not have any effect on spam.
But if instead of foobar.com, it is vix.com or citibank.com, then their
SPF records will not point at randomgibberish.comcast.net as an
authorized sender. That means that if I do get a mail purporting to be
from citi from randomgibberish, I can junk it without hesitation.
/vijay
