[Novalug] Obvious SPAM

David Zakar david@zakar.com
Mon Feb 4 10:40:47 EST 2008


DKIM is not widely deployed right now, and is probably not going to make any
kind of appreciable dent in this problem compared to SPF - although SPF
isn't really deployed as much as it ought to be, either.

I definitely encourage anyone on here who runs a major email system to
implement both, if possible. But I'd start with SPF - it's easier, and it's
more effective for the moment.

-David Zakar

On 2/4/08 9:46 AM, "Richard Rognlie" <rrognlie@gamerz.net> wrote:

> On Mon, Feb 04, 2008 at 09:32:40AM -0500, Ed T. Toton III wrote:
>> Yes, I'd treat it as normal spam.
>> 
>> I'll second the recommendation for using SPF records in your domain name,
>> if you can do so. It'll help cut down on this sort of thing, at least in
>> terms of the return-path, or "envelope" from-field. Some mail systems may
>> actually check the header from-field too. It depends on the
>> implementation.
>> 
>> My answer is you shouldn't be too concerned. This happens all the time,
>> and any semi-intelligent spam filter or mail admin will know not to trust
>> it. The header's from-field is just informational, and the spammers can
>> put anything they want there.
>> 
>> In terms of it being misinterpreted by other recipients who don't know
>> anything about how mail and SMTP works, SPF is all you can do to try to
>> curb that.
> 
> It's not "all you can do"  You can also look at DomainKeys Identified Mail
> (DKIM).  I gave a presentation at the LUG a couple of months ago...
> 
> Slides can be found via here
> 
>         http://www.novalug.com/node/110
> 
> Richard





More information about the Novalug mailing list