fantomposter
Phantom Poster
Premium
join:2002-09-21
Independence, OH
| Re: Why no revision to SMTP to include authenticat said by TamaraB  :
He can't! He is not listed as authoritave for comcast IP's, he can use a redirect mechinism, but that does the oposite of what he wants.
I have not seen a spec on SPF that says you check IP addresses. It only checks the SPF records for the domain name in the from field.
quote:
My smtp server gets a connect from that trojened comcast machine, my server checks with COMCAST DNS for spf, not his DNS...
You got that backwards. That is not what SPF does. If I have that wrong point me to a website that explains it is otherwise.
All SPF does is check the authoritative DNS for the DOMAIN name in the from field. It checks the DNS records for that domain name and makes sure there is an SPF record that shows the sending computers IP address. If spammer controls his own domain name then he can put any IP address he wants in the SPF record.
Check here: »spf.pobox.com/faq.html
And scroll down to the part where the headline is:
"It doesn't really prevent spam. Spammers can always get throwaway domains, etc."
Don't get me wrong, SPF is needed, to fix the virus bounces and the forged from address's in spam, it does a great job of that, but not much more. |
·
