SPF question

Madison Kelly linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Wed Oct 31 19:15:19 UTC 2007


Lennart Sorensen wrote:
> On Wed, Oct 31, 2007 at 06:48:33PM +0000, Christopher Browne wrote:
>> The thing is, the Nigerian "419 scams" date back decades, and
>> evidently continue to be effective because of the combination of greed
>> and gullibility.  They were happening before email existed.
>>
>> The essential problems are not technical ones...
> 
> Exactly.  I also don't think a technical solution is going to solve it
> either.  Maybe there has to be a test to take before you are allowed to
> use email. :)

All of the valid topics you both bring up aside (and thank you for 
them!), but reason for using SPF came about because a *massive* flood of 
bounced messages started coming in to my 'admin at ...' email claiming that 
user's of my domain were sending out messages (from IPs in eastern 
countries). I needed a way to tell these other mail servers that these 
messages where, in fact, not coming from me or my users.

Now I realize the flaw in saying "Only validate email coming from this 
range of IPs" because of legit foreign users, but at the times it looked 
like a great solutions and did indeed bring the flood down to the usual 
trickle.

So back to my original question; is there a way, shy of creating a big 
list of IPs/ISPs my users may route their SMTP mail through, to tell 
other MTAs what is legit from my users?

I'm coming to the sad realization that, no, probably not. *sigh*

Madi
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list