North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Spammers Skirt IP Authentication Attempts
On Mon, 6 Sep 2004, Paul Vixie wrote: > > > This is not a good beginning > > > > http://www.eweek.com/article2/0,1759,1642848,00.asp > > every time i see another Final and Ultimate Solution to the Spam Problem > (FUSSP, (tm) VJS) get some traction and then fall well short of its goals, > i've had the same emotion: "well what the h--- did you think was going to > happen?" > I'm not sure the people behind this concept (SPF, RMX, et al) ever intended it to be the FUSSP, but a lot of the ensuing enthusiasm built it up to that. I've *never* viewed SPF as an "antispam" methodology, but considered it an inevitable utility of the DNS system. Other methods are evolving to deal with spam, don't confuse them with what SPF is, which is essentially an authentication/identification framework that has the ability to mitigate one of the more popularly used spam obfuscation techniques. That spammers are publishing SPF records is in no way indicative of an inherent flaw in SPF's objectives or a failure in its implementation, in fact, I welcome spammers who publish SPF data detailing the originating points of their email. If more "known spam domains" did this, a handy DNSBL could be constructed out of such data (with a few caveats of course, it would also potentially open the door to a type of DoS attack). But at the end of the day, none of this is surprising and none of it constitutes a "failure" or setback for SPF (quite the contrary in fact). -mark -- Mark Jeftovic <[email protected]> Co-founder, easyDNS Technologies Inc. ph. +1-(416)-535-8672 ext 225 fx. +1-(416)-535-0237
|