Educause Security Discussion mailing list archives
Re: Anyone using SPF/SRS/SenderID ?
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Fri, 8 Jan 2010 11:18:02 -0600
On 1/7/2010 8:40 PM, Andrew Daviel wrote:
On the receiving side, we aren't bouncing SPF failures but use the built-in scoring in SpamAssassin. I had been whitelisting (in the SpamAssassin sense) .edu IP blocks as being generally OK, until a recent rash of Squirrelmail compromises. I also started using http://www.emailreg.org/ DNSWL, though found that one of the compromised .edu sites had listed themselves :-/
I'd like to know of an email service that hasn't had a compromised account. The Nigerians aren't compromising Squirrelmail; they are compromising end users.
As long as there are end users who fall for phishing, anti-spam methods that depend on the purported reputation of an email server/service are useless in stopping this type of spam.
Jesse -- Jesse Thompson Division of Information Technology, University of Wisconsin-Madison Email/IM: jesse.thompson () doit wisc edu
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 05)
- <Possible follow-ups>
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Ed Gibson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 08)