Educause Security Discussion mailing list archives

Re: Anyone using SPF/SRS/SenderID ?

From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Fri, 8 Jan 2010 11:18:02 -0600

On 1/7/2010 8:40 PM, Andrew Daviel wrote:

On the receiving side, we aren't bouncing SPF failures but use the
built-in scoring in SpamAssassin. I had been whitelisting (in the
SpamAssassin sense) .edu IP blocks as being generally OK, until a recent
rash of Squirrelmail compromises. I also started using
http://www.emailreg.org/ DNSWL, though found that one of the compromised
.edu sites had listed themselves :-/

I'd like to know of an email service that hasn't had a compromisedaccount. The Nigerians aren't compromising Squirrelmail; they arecompromising end users.

As long as there are end users who fall for phishing, anti-spam methodsthat depend on the purported reputation of an email server/service areuseless in stopping this type of spam.


Jesse

--
  Jesse Thompson
  Division of Information Technology, University of Wisconsin-Madison
  Email/IM: jesse.thompson () doit wisc edu

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 05)
- <Possible follow-ups>
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Ed Gibson (Jan 06)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Andrew Daviel (Jan 07)
- Re: Anyone using SPF/SRS/SenderID ? Jesse Thompson (Jan 08)