Hi,
On Sat, Jun 10, 2006 at 10:26:19PM -0700, jdow wrote:
> No sir. FAIL and SOFT_FAIL prove nothing. PASS proves remarkably
> little. SPF is not a good criterion for much of anything.
>
> >I think kernel.org is a great site to be an early adopter because:
> > - the mail it transports isn't critical
> > - it interacts with a very large number of mail sites
> > - it's customers are reasonably technology-savvy.
>
> It would be a good site to adopt it outgoing. But adopting it as an
> incoming message filter is silly.
So by your definition, this method is useful only on outgoing emails
but never on incoming ones. I fail to see how it might be useful
outgoing if nobody checks incoming emails...
> >(No, SPF doesn't stop spam, but it can increase accountability so that
> >white/black lists can begin to be more usable).
>
> It does not even do that conclusively. Many of us wish it did. But if
> a spammer can post his own spf records he can claim what he wants
> about email sources. DNS cache poisoning attacks assure that this can
> take place even for sites you might control.
I think that *nobody* can tell whether the result will have positive
or negative effect. This list is populated by technical people who
will be able to participate to the test. A first approach would be
to add a header to the incoming emails telling how they have been
classified, so that people know if their config could lead them to
being blocked in the future. If, after a long test period, we notice
that it causes lots of false positives and that spams still don't
get detected, it may be time to give up on this method. Conversely,
if it turns out that only spam gets detected and that we have no
false positives, why not go one step further then ?
> {^_^} Joanne Dow said that. Seriously, I recommend a pass through the
> old SpamAssassin users mailing list for past discussions. An
> SPF_HELO_SOFTFAIL is the only thing given a sizeable score.
Regards,
Willy
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]