On 06/28/2010 05:05 PM, Alan Cox wrote: > Spammers advertise SPF records of 'the whole internet' (normally split > into chunks to confuse checkers) and turning on SPF checking naïvely > simply helps the spam get through. > > Could you expound upon that a bit? AFAIK, SPF records are queried by the receiving based on the domainname in the "From" address. So, if a spammer is pretending to be sending from user@xxxxxxxxxxx the receiving end will make a DNS request for the TXT records of hotmail.com to determine its SPF records and how to treat the email after the analysis. But, maybe you are talking about domains that are owned by spammers? In that case, why would they even set SPF records since the absence of an SPF record (since SPF isn't a universally accepted practice) results in the email being accepted if SPF checking is turned on. -- Uh, so. Let's have a conversation. Uh, I think we'll find that we have very little in common. -- Homer Simpson The Last Temptation of Homer 葛 斯克 愛德華 / 台北市八德路四段
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
