[nycbug-talk] [Fwd: Kaminsky redux - libspf2 dns parsing bug]
Andy Kosela
akosela at andykosela.com
Thu Oct 23 02:34:14 EDT 2008
On Wed, Oct 22, 2008 at 8:07 PM, Max Gribov <max at neuropunks.org> wrote:
> well, I use it, and hotmail/ms seem to like it - they do have their own
> implementation called sender-id
> http://www.microsoft.com/mscorp/safety/technologies/senderid/default.mspx
> http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
>
> spf requires everyone to use it to be effective, and from running a mail
> server for a while, they only thing that really made a difference in
> spam for me was greylisting - quickly looking through logs, i dont see
> any rejections based on spf
>
> i still use it because it *may* prevent that 1% (arbitrary number alert)
> of spam, and gives me slightly better "reputation" with
> hotmail/live.com/msn
On the contrary I use it because it blocks quite a bit of our SPAM
traffic. I know SPF is flawed from the very beginning but I had to
turn off greylisting just because it was generating too many blocked
messages (not all mail servers out there are intelligent enough to
handle it properly).
Oct 23 01:59:35 aegis postfix/policy-spf[67264]: : SPF fail:
smtp_comment=Please see
http://www.openspf.org/why.html?sender=x%x&ip=x.x.x.x&receiver=x,
header_comment=x: domain of x does not designate x.x.x.x as permitted
sender
--
Andy Kosela
ora et labora
More information about the talk
mailing list