Nelson's Weblog: tech / bad / sender-protection-framework-failure


Mastodon @nelson@tech.lgbt Linkblog Wed 2024-04-24 TreeLink.us SunPower big problems Intel's new NPU Tue 2024-04-23 Awesome Balatro Tracker Beeper Android Biometrics Fri 2024-04-19 Balatro Immolate Turning Point voting fraud Thu 2024-04-18 Bicycles of World War II AI-ese Mon 2024-04-15 Butterick’s Practical Typography Wicked Bible Sat 2024-04-13 Normalization of Jan 6 Followgraph for Mastodon South Yuba Canal Fri 2024-04-12 Waffle House order marking Wed 2024-04-10 Boy Meets Boy Meets Boys’ Love Termux Tue 2024-04-09 Netflitwitter Nigeria’s Scrabble King Search Archives 2023 12 11 10 09 08 07 06 05 04 03 02 01 2022 12 11 10 09 08 07 06 05 04 03 02 01 2021 12 11 10 09 08 07 06 05 04 03 02 01 2020 12 11 10 09 08 07 06 05 04 03 02 01 2019 12 11 10 09 08 07 06 05 04 03 02 01 2018 12 11 10 09 08 07 06 05 04 03 02 01 2017 12 11 10 09 08 07 06 05 04 03 02 01 2016 12 11 10 09 08 07 06 05 04 03 02 01 2015 12 11 10 09 08 07 06 05 04 03 02 01 2014 12 11 10 09 08 07 06 05 04 03 02 01 2013 12 11 10 09 08 07 06 05 04 03 02 01 2012 12 11 10 09 08 07 06 05 04 03 02 01 2011 12 11 10 09 08 07 06 05 04 03 02 01 2010 12 11 10 09 08 07 06 05 04 03 02 01 2009 12 11 10 09 08 07 06 05 04 03 02 01 2008 12 11 10 09 08 07 06 05 04 03 02 01 2007 12 11 10 09 08 07 06 05 04 03 02 01 2006 12 11 10 09 08 07 06 05 04 03 02 01 2005 12 11 10 09 08 07 06 05 04 03 02 01 2004 12 11 10 09 08 07 06 05 04 03 02 01 2003 12 11 10 09 08 07 06 05 04 03 02 01 2002 12 11 10 09 08 07 06 05 04 03 02 01 2001 12 11 10 09 08 07 One good site MDN Nelson Minar nelson@monkey.org Blog licensed under a Creative Commons License		SPF does not stop spam The spam on my Debian mail system is getting intolerable; 30+ stock pumping spams are getting through the gauntlet every day now. And pretty much all of that spam passed spamassassin's SPF_PASS check. So SPF seems to be adding pain but not providing much benefit for spam prevention. The Sender Policy Framework is one of a variety of recent SMTP complications that tries to address fundamental problems in Internet email. It lets a site use DNS records to indicate what hosts are authorized to send email in their domain, making it a bit harder to forge email headers. And it seems to function; about 98% of my email seems to be doing SPF. Sadly, that includes 98% of my spam. In other words, SPF may let you know what domain really sent the mail but that doesn't help classify spam. It does me no good to know that `agedwards.com` or `ncat.edu` or even `hotmail.com` actually authorized the sender's IP address. Spamassassin weights a valid SPF record as basically zero in its spam scoring, so they must have the same conclusion. tech • bad 2007-07-17 17:28 Z Nelson's Weblog • tech • bad