TMDA Re: [Gllug] New worm doing the rounds?

Alistair Mann alistair at lgeezer.net
Tue Feb 17 12:25:18 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Thus spaketh Bruce Richardson on Tuesday 17 February 2004 11:09 am:
> On Mon, Feb 16, 2004 at 07:40:25PM +0000, Peter wrote:
> > Jason Clifford wrote:
> > >>I can't see any other way.  Soon as I get some decent infrastructure
> > >>in place, I'll be going that way myself.
> > >
> > >We're all seeing spammers becoming more and more sophisticated in
> > >circumventing protection systems and this is an obvious and easy one for
> > >them to use as a means of beating your protection.
> > >
> > >Jason Clifford
> >
> >    My instant response to the SPF and other challenge response methods
> > was "That will never work!"
>
> SPF isn't a challenge/response mechanism.  It's a suggested extension to
> current DNS practice that would allow organisations to specify which
> mail systems are allowed to send mail for their domain (current practice
> only allows you to specify which machines will receive mail for your
> domain).  If such practice were widespread, it would enable mail admins
> to reject any mail with an @example.org address if it didn't come from a
> designated sender machine without even looking any further.
>
> The basic idea is good but it faces the problem that it doesn't become
> effective until the practice is widespread, which provides no incentive
> for early adoption.
>
> Note for the obstinate: like many other mail policies, SPF would only be
> effective for an organisation if the policy were applied on *all* mail
> exchangers, "backup" or no.

I'm less optimistic about SPF. A greater problem than low value for early 
adopters will be low value for all once widely adopted, as it is trivial to 
circumvent: just make the envelope sender sufficiently accurate. 
- -- 
Alistair
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: As seen at http://search.keyserver.net

iD8DBQFAMggyEz+/jt85AfsRAqqZAJ9FSLkcnq1T1EWjKW9UkdJV4GQTGwCgj+/d
zwcOJwS5GmI+A8cVgbfiUaE=
=o4y1
-----END PGP SIGNATURE-----

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug



