> >>>mouss wrote:
> >>>>he's not the only one... seems there's a lot of backscatter coming in
> >>>>these days.
> >>>>
> >>>>Thanks for confirming that spf doesn't fix the problem.


> Matus UHLAR - fantomas wrote:
> >SPF is designed to fix the problem,


On 10.04.08 17:16, mouss wrote:
> ahuh? how would spf fix the problem if spam gets out from an authorized
> client (yahoo, google, hotmail, aol, ...).


Read below.

If you authorize yahoo google hotmail and aol to send mail from your domain,
don't talk about SPF problems ... and there is no other authorization in SPF
than this one...

> however you respond, you'll
> find out that such (ougoing) spam problem isn't fixed _by_ SPF. In
> particular, don't tell me "they will fix their outgoing spam".


SPF is not designed to prevent spam, but forgery. If there are SPF records
in your domain that "permit" only your hosts to send mail from yor domain,
any mail from your domain coming from different hosts should be rejected.

So, if you set up proper SPF records on your domain, any server that follows
SPF should reject such mail, which would prevent from sending you
backscatter.

Yes, I know that servers sending backscatter usually don't check for SPF,
and I also know that SPF-aware servers usually don't backscatter, however
there surely are cases where the spam goes throufh SPF-aware mailserver to
another sending backscatter, which helps the situation..

It was alread mentioned that (at least some) spammers try to avoid sending
mail using domain with SPF properly set up. If SPF is not properly set up,
it's the problem of the domain admin, of course.

> while I don't say that SPF is useless, you'll have a hard time
> convincing me that "it is always good to have SPF...".
>
> I personally have found that SPF causes more problems than it helps, and
> for that I do not recommend setting SPF record for "general use" domains.


SPF doesn't cause any problems, it only highlits some existing problems,
mostly those related to mail forwarding.

It only causes problems if SPF records are badly configured...
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
My mind is like a steel trap - rusty and illegal in 37 states.