North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Spammers Skirt IP Authentication Attempts

  • From: vijay gill
  • Date: Wed Sep 08 07:46:18 2004

On Wed, Sep 08, 2004 at 12:14:54PM +0100, Paul Jakma wrote:
> On Wed, 8 Sep 2004, vijay gill wrote:
> 
> >But if instead of foobar.com, it is vix.com or citibank.com, then 
> >their SPF records will not point at randomgibberish.comcast.net as 
> >an authorized sender. That means that if I do get a mail purporting 
> >to be from citi from randomgibberish, I can junk it without 
> >hesitation.
> 
> Yes, all we need for SPF to work is for spammers to play along and 
> cooperate, and we'll be able to filter out the spam they send.
> 
> Earth calling... ;)

I'm probably going into an argument with a net.kook but just to be sure,
let me clarify this: How do you think spammers will be able to subvert
citibank.com to have random.cablemodem.net as a permitted sender?

I've never believed spf was the ultimate solution, just that it allows me to
better filter some of the joe-bobs.

/vijay - falling yet again into another argument which is probably more
annoying than a thorned thong.