This is a discussion on Re: Returned mail spam - SpamAssassin ; > From: Graham Murray > Date: Sun, 13 Apr 2008 11:08:03 +0100 > To: > Subject: Re: Returned mail spam > > mouss writes: > >> ahuh? how would spf fix the problem if spam gets out from an >> ...
> From: Graham Murray
> Date: Sun, 13 Apr 2008 11:08:03 +0100
> Subject: Re: Returned mail spam
>> ahuh? how would spf fix the problem if spam gets out from an
>> authorized client (yahoo, google, hotmail, aol, ...). however you
>> respond, you'll find out that such (ougoing) spam problem isn't fixed
>> _by_ SPF. In particular, don't tell me "they will fix their outgoing
> If you publish a suitable SPF record then you will not receive any
> backscatter (which is the subject of this thread) from sites which
> correctly implement SPF checking. Do not forget that SPF is not an
> anti-spam too per-se but an anti-forgery one. Backscatter is one of the
> problems which SPF fixes.
ONLY for those sites that implement SPF in a pre-queue type filter, and ONLY
I you use -all record types.
But then again, the sites that correctly implement SPF in a pre-queue type
filter also probably implement recipient verification in a pre-queue filter
and are not as likely to be the source of backscatter anyway.
Yes, implement SPF records, it doesn't cost anything. Just make sure your
users don't FWD their emails out, and that your marketing department has
identified any any all companies that send email on your behalf.
Michael Scheidell, CTO
>|SECNAP Network Security
Winner 2008 Network Products Guide Hot Companies
FreeBSD SpamAssassin Ports maintainer
This email has been scanned and certified safe by SpammerTrap(tm).
For Information please see http://www.spammertrap.com