TMDA Re: [Gllug] New worm doing the rounds?

Bruce Richardson itsbruce at uklinux.net
Tue Feb 17 11:09:37 UTC 2004


On Mon, Feb 16, 2004 at 07:40:25PM +0000, Peter wrote:
> Jason Clifford wrote:
> 
> >>I can't see any other way.  Soon as I get some decent infrastructure
> >>in place, I'll be going that way myself.
> >>   
> >>
> >
> >We're all seeing spammers becoming more and more sophisticated in 
> >circumventing protection systems and this is an obvious and easy one for 
> >them to use as a means of beating your protection.
> >
> >Jason Clifford
> > 
> >
>   
>    My instant response to the SPF and other challenage response methods 
> was "That will never work!"

SPF isn't a challenge/response mechanism.  It's a suggested extension to
current DNS practice that would allow organisations to specify which
mail systems are allowed to send mail for their domain (current practice
only allows you to specify which machines will receive mail for your
domain).  If such practice were widespread, it would enable mail admins
to reject any mail with an @example.org address if it didn't come from a
designated sender machine woth out even looking any further.

The basic idea is good but it faces the problem that it doesn't become
effective until the practice is widespread, which provides no incentive
for early adoption.

Note for the obstinate: like many other mail policies, SPF would only be
effective for an organisation if the policy were applied on *all* mail
exchangers, "backup" or no.


-- 
Bruce

It is impolite to tell a man who is carrying you on his shoulders that
his head smells.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20040217/ad158202/attachment.pgp>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list