Gentlemen,
maybe this have been discussed (many times) already; if so please excuse
me and point me to archieves/documents. If not, I'd like to discuss it.
Assume that SPF (or its equivalent) is widely deployed already. Now,
what a spammer can do to overcome it? Purchase one or sevaral domains,
and publish permissive SPF records for them, possibly within multiple
subdomains. Given that domains are cheap, and blacklists will
inevitably lag behind, this may become a significant problem.
Did anyone think how to eliminate or minimize this threat? Maybe (just
maybe) some provisions in the protocol might help? E.g., limitation on
the depth of dubdomains? If so, it's time to think about them now,
before the protocol is finalized.
Eugene
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com
maybe this have been discussed (many times) already; if so please excuse
me and point me to archieves/documents. If not, I'd like to discuss it.
Assume that SPF (or its equivalent) is widely deployed already. Now,
what a spammer can do to overcome it? Purchase one or sevaral domains,
and publish permissive SPF records for them, possibly within multiple
subdomains. Given that domains are cheap, and blacklists will
inevitably lag behind, this may become a significant problem.
Did anyone think how to eliminate or minimize this threat? Maybe (just
maybe) some provisions in the protocol might help? E.g., limitation on
the depth of dubdomains? If so, it's time to think about them now,
before the protocol is finalized.
Eugene
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname=spf-devel@v2.listbox.com