Re: VGER does gradual SPF activation (FAQ matter)

Hi,

On Sat, Jun 10, 2006 at 10:26:19PM -0700, jdow wrote:
 
> No sir. FAIL and SOFT_FAIL prove nothing. PASS proves remarkably
> little. SPF is not a good criterion for much of anything.
> 
> >I think kernel.org is a great site to be an early adopter because:
> > - the mail it transports isn't critical
> > - it interacts with a very large number of mail sites
> > - it's customers are reasonably technology-savvy. 
> 
> It would be a good site to adopt it outgoing. But adopting it as an
> incoming message filter is silly.

So by your definition, this method is useful only on outgoing emails
but never on incoming ones. I fail to see how it might be useful
outgoing if nobody checks incoming emails...

> >(No, SPF doesn't stop spam, but it can increase accountability so that
> >white/black lists can begin to be more usable).
> 
> It does not even do that conclusively. Many of us wish it did. But if
> a spammer can post his own spf records he can claim what he wants
> about email sources. DNS cache poisoning attacks assure that this can
> take place even for sites you might control.

I think that *nobody* can tell whether the result will have positive
or negative effect. This list is populated by technical people who
will be able to participate to the test. A first approach would be
to add a header to the incoming emails telling how they have been
classified, so that people know if their config could lead them to
being blocked in the future. If, after a long test period, we notice
that it causes lots of false positives and that spams still don't
get detected, it may be time to give up on this method. Conversely,
if it turns out that only spam gets detected and that we have no
false positives, why not go one step further then ?

> {^_^}   Joanne Dow said that. Seriously, I recommend a pass through the
>        old SpamAssassin users mailing list for past discussions. An
>        SPF_HELO_SOFTFAIL is the only thing given a sizeable score.

Regards,
Willy

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • Re: VGER does gradual SPF activation (FAQ matter)
    • From: Neil Brown <[email protected]>
  • Re: VGER does gradual SPF activation (FAQ matter)
    • From: "jdow" <[email protected]>

• Prev by Date: Re: [Ext2-devel] [RFC 0/13] extents and 48bit ext3
• Next by Date: Re: IRQ sharing: BUG: spinlock lockup on CPU#0
• Previous by thread: Re: VGER does gradual SPF activation (FAQ matter)
• Next by thread: Re: VGER does gradual SPF activation (FAQ matter)
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]