Re: [Asrg] SPF abused by spammers



On Thu, 9 Sep 2004 14:59:15 +0200, Markus Stumpf
<maex-lists-spam-ietf-asrg at space.net> wrote:
> Justin Murdock posted this link on the qmail list:
> 
>    http://news.bbc.co.uk/1/hi/technology/3631350.stm
>    "CipherTrust [...] found that 34% more spam is passing SPF checks than
>    legitimate e-mail."

Good, another chance to debunk this....

CipherTrust correctly reported that spammers are publishing SPF
records. What they didn't emphasise enough, however, is that this
means that SPF is WORKING AS INTENDED. In order to pass SPF checks,
the spammer has to be using a registered domain over which they have
DNS control - which is several steps towards accountability. The press
unfortunately picked up on the wrong part of the message, and
sensationalised it way out of context.

SPF is not an anti-spam tool. SPF is an anti-forgery tool.

An SPF 'pass' is not, and was never intended to be, an indicator that
a message is spam. An SPF fail, however, is an indication that the
message has a forged sender, and should probably be blocked. It is
this fact which is causing spammers to publish SPF, which as indicated
above, is a Good Thing.

Peter

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
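
The pass/fail distinction drawn in the message above, as an added example that is not part of the original post: a reduced SPF evaluator (only the `ip4` and `all` mechanisms) run against constructed records. The domains, addresses, the `BAD_REPUTATION` list and the `disposition` policy are assumptions made for illustration.

```python
import ipaddress

# Constructed TXT records standing in for DNS (reserved example domains and IP ranges).
SPF_RECORDS = {
    "bank.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "bulk-sender.example": "v=spf1 ip4:203.0.113.7 -all",  # registered and published by a spammer
}
# Constructed reputation list (an assumption), maintained separately from SPF.
BAD_REPUTATION = {"bulk-sender.example"}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(mail_from_domain, client_ip):
    """Evaluate only the ip4 and all mechanisms; real SPF has more (a, mx, include, ...)."""
    record = SPF_RECORDS.get(mail_from_domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"  # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:], strict=False):
            return QUALIFIERS[qualifier]
    return "neutral"  # no mechanism matched

def disposition(mail_from_domain, client_ip):
    """Hypothetical receiver policy: SPF decides forgery, reputation decides spam."""
    result = check_spf(mail_from_domain, client_ip)
    if result == "fail":
        return "reject: forged sender"
    if result == "pass":
        # Pass only authenticates the domain; whether it sends spam is a separate question.
        if mail_from_domain in BAD_REPUTATION:
            return "reject: authenticated domain with bad reputation"
        return "continue: authenticated domain, run content filters"
    return "continue: sender unverified, run content filters"
```

The same connecting address passes for the domain that lists it and fails when it claims to be `bank.example`, which is the forgery case SPF is meant to catch.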