[Sussex] spam filtering

Steven Dobson steve at dobson.org
Sun Aug 20 15:00:29 UTC 2006 

On Sun, 2006-08-20 at 10:51 +0100, Vic wrote:
> And some time before that Andy Smith wrote:
> > I choose not to use SPF
> 
> That's your choice. You are entitled to make it.
> 
> > http://david.woodhou.se/why-not-spf.html
> 
> ...Contains many errors. One day I'll get round to publishing a rebuttal
> page, because I'm rather tired of seeing this touted as "fact" so often.

Andy, I think I agree with you and Mr Woodhouse.  As someone who does
use an e-mail address in a vanity domain I am do send e-mails from an IP
address that is not part of that vanity domain bu claim to be.  I could
arrange for all the e-mail I send that use that domain (that would be
just about all) to go via the vanity domain's e-mail servers but that is
an awful lot of configuration and I don't want to go their.

> > Particularly, expecting the world to implement something as freaky
> > as SRS just so that your users can continue to forward mail through
> > them retaining your domain in the address is rather naive and
> > impractical.
> 
> That's your opinion. It is not everyone's. Many people consider SRS to be
> a workable system;

Vic, and many people believe that the world is flat too.  Just because
you believe SPF to be a workable system doesn't mean that you are right
either.

> whether or not the entire world moves over to SRS
> doesn't really matter. It's a common misconception that SPF/SRS requires
> 100% participation to work, but that's just wrong. SPF/SRS becomes more
> effective as more people use it, but it is *already* effective (and
> certahnily effective enough for me) despite the fact that you've decided
> not to support it.

This I agree with this too.  But without large scale adoption it's
effectiveness will be limited.

However, I see some problems with it's implementation that I was trying
to address with you.  You fail spectacularly it trying to convince me
otherwise.  I quote the spec at you and just tell me my interruptation
is incorrect.  Big help!  In my experiance it is the people who just say
"You're wrong" all the time without being able to say why are the one
who don't understand things.

As further evidence that you don't understand SPF and how to configure
it properly I give you your own MTA.  Below is one of the received
headers from your e-mail that I am replying to, presumably the MSA->MTA
handover.  Your MTA, not knowning that e-mail to be genuine, accepted
and relayed it. 

   Received: from hobgoblin.beer.org.uk (hobgoblin [127.0.0.1]
                  (may be forged))
             by hobgoblin.beer.org.uk
             (8.12.11.20060308/8.12.11) with ESMTP id k7K9pnlM026956
             (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256
             verify=NO) for <sussex at mailman.lug.org.uk>;
             Sun, 20 Aug 2006 10:51:49 +0100

Steve

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://mailman.lug.org.uk/pipermail/sussex/attachments/20060820/4ab5e073/attachment.pgp

More information about the Sussex mailing list