From: "marty fouts" <[email protected]>
On 6/10/06, David Woodhouse <[email protected]> wrote:
On Sun, 2006-06-11 at 01:27 +0300, Matti Aarnio wrote:
> Now that there is even an RFC published about SPF...
Please, don't do this. SPF makes assumptions about email which are just
not true; it rejects perfectly valid mail.
http://david.woodhou.se/why-not-spf.html
--
dwmw2
I agree.
Further, while there is an RFC for SPF, it is an RFC for an
experimental protocol. In addition to what David points out in his web
site, SPF is controversial, and is in competition with other
approaches. (See RFC 4408.)
It's not widely deployed. It doesn't work. It'll break standard-abiding email.
Do you really want that?
Rather than inject emotions let's play a little bit with facts. This is
excerpts from a SpamAssassin report for about 82000 emails.
TOP SPAM RULES FIRED
------------------------------------------------------------
RANK RULE NAME COUNT %OFRULES %OFMAIL %OFSPAM %OFHAM
------------------------------------------------------------
49 SPF_SOFTFAIL 1804 0.42 2.20 8.31 0.01
72 SPF_HELO_PASS 1112 0.26 1.36 5.13 47.45
78 SPF_PASS 994 0.23 1.21 4.58 45.53
92 SPF_HELO_SOFTFAIL 772 0.18 0.94 3.56 0.03
113 SPF_FAIL 589 0.14 0.72 2.71 0.00
177 SPF_HELO_FAIL 352 0.08 0.43 1.62 0.00
Stated from the opposite view
TOP HAM RULES FIRED
------------------------------------------------------------
RANK RULE NAME COUNT %OFRULES %OFMAIL %OFSPAM %OFHAM
------------------------------------------------------------
5 SPF_HELO_PASS 28563 7.20 34.88 5.13 47.45
6 SPF_PASS 27409 6.90 33.47 4.58 45.53
And so forth.
People here should be smart enough to draw their own conclusions from
raw data.
IMAO, on the whole SPF is not a tool sufficiently good to use as a tool
for rejecting email in and of itself. It is good as a part of a full
anti-spam suite in a half hearted manner. A pass MAY be worthy of a
small negative score for a tool like SpamAssassin. A fail of any kind
is not worth much more than ignoring the fact that it happened. It is
most useful in conjunction with other rejection tools that are based
on identity - typically IP block lists.
As it turns out it has proven quite simple for spammers to get around
with DNS cache poisoning and other techniques. One such trick is a
false DNS record that has an spf record allowing access to the entire
IP world.
Using SPF exclusively is as silly a mugg's game as relying 100% on
the likes of SORBS.
{^_^} Joanne Dow said that.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
