nanog mailing list archives
Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers)
From: "J.D. Falk" <jdfalk () cybernothing org>
Date: Sat, 5 Feb 2005 09:39:31 -0800
On 02/04/05, Douglas Otis <dotis () mail-abuse org> wrote:
Attempting to detect spam trickled through thousands of compromised systems sent through the ISP's mail servers, SPF does nothing,
Nor is it purported to. Domain-based authentication schemes are intended to handle an entirely different problem.
and could actually damage the reputation of those domains that authorize the provider for their mailbox domain using SPF. These records can be read by the spammers and then exploited. Repairing this reputation could be next to impossible.
You touch on some basic realities here: 1. spam coming out of your network will affect your reputation. 2. spam coming out of your own mail machines will affect your reputation even more immediately. Neither are affected by any of the domain authentication schemes currently in play (SPF, SenderID, DomainKeys, etc.) The spam itself may include forgeries, but that's a different issue. -- J.D. Falk uncertainty is only a virtue <jdfalk () cybernothing org> when you don't know the answer yet
Current thread:
- Re: Time to check the rate limits on your mail servers, (continued)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers John Underhill (Feb 03)
- RE: Time to check the rate limits on your mail servers Hannigan, Martin (Feb 03)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers Adi Linden (Feb 03)
- Re: Time to check the rate limits on your mail servers Joel Jaeggli (Feb 03)
- Re: Time to check the rate limits on your mail servers Guðbjörn S. Hreinsson (Feb 03)
- Re: Time to check the rate limits on your mail servers Edward B. Dreger (Feb 03)
- Re: Time to check the rate limits on your mail servers Todd Vierling (Feb 04)
- Re: Time to check the rate limits on your mail servers Douglas Otis (Feb 04)
- Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) J.D. Falk (Feb 05)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) Douglas Otis (Feb 05)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) J.D. Falk (Feb 05)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) Sean Donelan (Feb 05)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) Douglas Otis (Feb 05)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) J.D. Falk (Feb 06)
- Re: Sender authentication & zombies (was Re: Time to check the rate limits on your mail servers) Douglas Otis (Feb 06)
- Re: Time to check the rate limits on your mail servers J.D. Falk (Feb 03)
- Re: Time to check the rate limits on your mail servers Edward B. Dreger (Feb 05)
- Re: Time to check the rate limits on your mail servers Adi Linden (Feb 05)
- Re: Time to check the rate limits on your mail servers Edward B. Dreger (Feb 05)
- Re: Time to check the rate limits on your mail servers Jørgen Hovland (Feb 05)