Re: Spammers Skirt IP Authentication Attempts

[vijay gill <vgill () vijaygill com>]

On Wed, Sep 08, 2004 at 12:14:54PM +0100, Paul Jakma wrote:
> On Wed, 8 Sep 2004, vijay gill wrote:
>
> > But if instead of foobar.com, it is vix.com or citibank.com, then 
> > their SPF records will not point at randomgibberish.comcast.net as 
> > an authorized sender. That means that if I do get a mail purporting 
> > to be from citi from randomgibberish, I can junk it without 
> > hesitation.
>
> Yes, all we need for SPF to work is for spammers to play along and 
> cooperate, and we'll be able to filter out the spam they send.
>
> Earth calling... ;)

I'm probably going into an argument with a net.kook but just to be sure,
let me clarify this: How do you think spammers will be able to subvert
citibank.com to have random.cablemodem.net as a permitted sender?

I've never believed spf was the ultimate solution, just that it allows me to
better filter some of the joe-bobs.

/vijay - falling yet again into another argument which is probably more
annoying than a thorned thong.