I have been wondering for some time now on the true value of SPF in
the real world. I feel that, out of the starting gate, SPF is broke.
The issue I have concerns about is the hiding of a company behind SPF
while "following the rules" to continue sending spam. The continued
use of SPF by spammers to merely authenticate their servers.
The issue I have concerns about is the hiding of a company behind SPF
while "following the rules" to continue sending spam. When the
companmy uses SPF the mailers of the world are fooled into accepting
more spam.
What is in the SPF to prevent this kind of abuse?
Here is a header line from a gmail I recieved today. It is one of 345
recieved since 10 January, 2006 from a company listing its address as
2309 Bel Air Rd.,Suite 311Fallston, MD 21047. Despite "repeated link
clicking" and "unsubscribes" they continue sending email.
Received-SPF: pass (google.com: domain of
rmcdcjrgqb@yarnbasketball.com designates 66.159.16.202 as permitted
sender)
yarnbasketball.com
Whois Privacy Protection Service, Inc
Creation date: 16 Feb 2007 17:45:25
The yarnbasketball.com domain did not exist last week and, like this
older one, will not be in use in a couple of weeks down the road.
Instead the name will merely resolve to an IP address which has no
webcontent.
Received-SPF: pass (google.com: domain of re1glq2thb@vortexsoup.com
designates 198.145.252.217 as permitted sender)
(Sent Wed, 10 Jan 2007 20:06:35 -0800)
vortexsoup.com
Whois Privacy Protection Service, Inc.
Creation date: 20 Dec 2006 01:35:54
Regards
Bill Ries-Knight
Stockton, CA
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735
the real world. I feel that, out of the starting gate, SPF is broke.
The issue I have concerns about is the hiding of a company behind SPF
while "following the rules" to continue sending spam. The continued
use of SPF by spammers to merely authenticate their servers.
The issue I have concerns about is the hiding of a company behind SPF
while "following the rules" to continue sending spam. When the
companmy uses SPF the mailers of the world are fooled into accepting
more spam.
What is in the SPF to prevent this kind of abuse?
Here is a header line from a gmail I recieved today. It is one of 345
recieved since 10 January, 2006 from a company listing its address as
2309 Bel Air Rd.,Suite 311Fallston, MD 21047. Despite "repeated link
clicking" and "unsubscribes" they continue sending email.
Received-SPF: pass (google.com: domain of
rmcdcjrgqb@yarnbasketball.com designates 66.159.16.202 as permitted
sender)
yarnbasketball.com
Whois Privacy Protection Service, Inc
Creation date: 16 Feb 2007 17:45:25
The yarnbasketball.com domain did not exist last week and, like this
older one, will not be in use in a couple of weeks down the road.
Instead the name will merely resolve to an IP address which has no
webcontent.
Received-SPF: pass (google.com: domain of re1glq2thb@vortexsoup.com
designates 198.145.252.217 as permitted sender)
(Sent Wed, 10 Jan 2007 20:06:35 -0800)
vortexsoup.com
Whois Privacy Protection Service, Inc.
Creation date: 20 Dec 2006 01:35:54
Regards
Bill Ries-Knight
Stockton, CA
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735