The spam on my Debian mail system is getting intolerable; 30+ stock pumping spams are getting through the gauntlet every day now. And pretty much all of that spam passed spamassassin's SPF_PASS check. So SPF seems to be adding pain but not providing much benefit for spam prevention.

The Sender Policy Framework is one of a variety of recent SMTP complications that tries to address fundamental problems in Internet email. It lets a site use DNS records to indicate what hosts are authorized to send email in their domain, making it a bit harder to forge email headers. And it seems to function; about 98% of my email seems to be doing SPF. Sadly, that includes 98% of my spam.

In other words, SPF may let you know what domain really sent the mail but that doesn't help classify spam. It does me no good to know that agedwards.com or ncat.edu or even hotmail.com actually authorized the sender's IP address. Spamassassin weights a valid SPF record as basically zero in its spam scoring, so they must have the same conclusion.

techbad
  2007-07-17 17:28 Z