From: "jdow" <jdow@earthlink.net>
To: "marty fouts" <mf.danger@gmail.com>,
"David Woodhouse" <dwmw2@infradead.org>
Cc: "Matti Aarnio" <matti.aarnio@zmailer.org>,
<linux-kernel@vger.kernel.org>
Subject: Re: VGER does gradual SPF activation (FAQ matter)
Date: Sat, 10 Jun 2006 19:41:31 -0700 [thread overview]
Message-ID: <192101c68d00$8c7d0dc0$0225a8c0@Wednesday> (raw)
In-Reply-To: 9f7850090606101924r32947e69vb6a34fe905227ff4@mail.gmail.com
From: "marty fouts" <mf.danger@gmail.com>
> On 6/10/06, David Woodhouse <dwmw2@infradead.org> wrote:
>> On Sun, 2006-06-11 at 01:27 +0300, Matti Aarnio wrote:
>> > Now that there is even an RFC published about SPF...
>>
>> Please, don't do this. SPF makes assumptions about email which are just
>> not true; it rejects perfectly valid mail.
>>
>> http://david.woodhou.se/why-not-spf.html
>>
>> --
>> dwmw2
>
> I agree.
>
> Further, while there is an RFC for SPF, it is an RFC for an
> experimental protocol. In addition to what David points out in his web
> site, SPF is controversial, and is in competition with other
> approaches. (See RFC 4408.)
>
> It's not widely deployed. It doesn't work. It'll break standard-abiding email.
>
> Do you really want that?
Rather than inject emotions let's play a little bit with facts. This is
excerpts from a SpamAssassin report for about 82000 emails.
TOP SPAM RULES FIRED
------------------------------------------------------------
RANK RULE NAME COUNT %OFRULES %OFMAIL %OFSPAM %OFHAM
------------------------------------------------------------
49 SPF_SOFTFAIL 1804 0.42 2.20 8.31 0.01
72 SPF_HELO_PASS 1112 0.26 1.36 5.13 47.45
78 SPF_PASS 994 0.23 1.21 4.58 45.53
92 SPF_HELO_SOFTFAIL 772 0.18 0.94 3.56 0.03
113 SPF_FAIL 589 0.14 0.72 2.71 0.00
177 SPF_HELO_FAIL 352 0.08 0.43 1.62 0.00
Stated from the opposite view
TOP HAM RULES FIRED
------------------------------------------------------------
RANK RULE NAME COUNT %OFRULES %OFMAIL %OFSPAM %OFHAM
------------------------------------------------------------
5 SPF_HELO_PASS 28563 7.20 34.88 5.13 47.45
6 SPF_PASS 27409 6.90 33.47 4.58 45.53
And so forth.
People here should be smart enough to draw their own conclusions from
raw data.
IMAO, on the whole SPF is not a tool sufficiently good to use as a tool
for rejecting email in and of itself. It is good as a part of a full
anti-spam suite in a half hearted manner. A pass MAY be worthy of a
small negative score for a tool like SpamAssassin. A fail of any kind
is not worth much more than ignoring the fact that it happened. It is
most useful in conjunction with other rejection tools that are based
on identity - typically IP block lists.
As it turns out it has proven quite simple for spammers to get around
with DNS cache poisoning and other techniques. One such trick is a
false DNS record that has an spf record allowing access to the entire
IP world.
Using SPF exclusively is as silly a mugg's game as relying 100% on
the likes of SORBS.
{^_^} Joanne Dow said that.
next prev parent reply other threads:[~2006-06-11 2:41 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-10 22:27 VGER does gradual SPF activation (FAQ matter) Matti Aarnio
2006-06-10 23:06 ` David Woodhouse
2006-06-11 0:16 ` Rik van Riel
2006-06-11 0:44 ` David Woodhouse
2006-06-11 13:02 ` Theodore Tso
2006-06-11 13:55 ` Rik van Riel
2006-06-11 14:03 ` Avi Kivity
2006-06-12 8:47 ` Matthias Andree
2006-06-12 10:17 ` Neil Brown
2006-06-12 10:35 ` David Woodhouse
2006-06-12 11:07 ` Matthias Andree
2006-06-11 2:24 ` marty fouts
2006-06-11 2:41 ` jdow [this message]
2006-06-11 2:58 ` David Schwartz
2006-06-11 5:17 ` jdow
2006-06-12 8:18 ` Bernd Petrovitsch
2006-06-12 8:23 ` jdow
2006-06-12 8:31 ` Bernd Petrovitsch
2006-06-12 9:47 ` Neil Brown
2006-06-12 10:30 ` Alan Cox
2006-06-12 10:33 ` Neil Brown
2006-06-12 17:37 ` Gerhard Mack
2006-06-12 18:14 ` Krzysztof Halasa
2006-06-12 18:46 ` jdow
2006-06-12 19:16 ` Krzysztof Halasa
2006-06-12 21:51 ` Bernd Petrovitsch
2006-06-13 21:12 ` David Woodhouse
2006-06-12 9:53 ` Alan Cox
2006-06-12 10:01 ` Bernd Petrovitsch
2006-06-12 11:14 ` Matthias Andree
2006-06-12 10:58 ` Neil Brown
2006-06-12 11:22 ` Matthias Andree
2006-06-12 11:42 ` Kyle Moffett
2006-06-13 23:32 ` Scott Lockwood
2006-06-13 23:42 ` Kyle Moffett
2006-06-14 0:02 ` Neil Brown
2006-06-14 10:20 ` Matthias Andree
2006-06-16 3:53 ` Kyle Moffett
2006-06-12 8:27 ` Bernd Petrovitsch
2006-06-12 20:25 ` Horst von Brand
2006-06-12 21:10 ` Nick Warne
2006-06-12 22:06 ` Jesper Juhl
2006-06-12 22:12 ` Randy.Dunlap
2006-06-12 23:03 ` jdow
2006-06-13 3:00 ` Horst von Brand
2006-06-13 5:54 ` jdow
2006-06-13 8:36 ` Bernd Petrovitsch
2006-06-13 9:58 ` Marc Perkel
2006-06-13 13:28 ` Horst von Brand
2006-06-13 14:34 ` David Woodhouse
2006-06-13 9:05 ` David Woodhouse
2006-06-13 10:45 ` Matthias Andree
2006-06-13 12:24 ` David Woodhouse
2006-06-13 12:49 ` Matthias Andree
2006-06-13 13:10 ` David Woodhouse
2006-06-13 15:19 ` Marc Perkel
2006-06-13 15:57 ` Auke Kok
2006-06-13 19:54 ` David Woodhouse
2006-06-13 20:31 ` Lennart Sorensen
2006-06-13 20:48 ` David Woodhouse
2006-06-15 17:05 ` Keith Owens
2006-06-15 23:14 ` Wakko Warner
2006-06-13 0:11 ` Phil Oester
2006-06-13 0:26 ` David Miller
2006-06-13 4:18 ` Willy Tarreau
2006-06-13 15:17 ` Joel Jaeggli
2006-06-12 21:43 ` Bernd Petrovitsch
2006-06-13 3:05 ` Horst von Brand
2006-06-13 8:31 ` Bernd Petrovitsch
2006-06-13 10:50 ` Matthias Andree
2006-06-13 13:15 ` Justin Piszcz
2006-06-11 5:09 ` Neil Brown
2006-06-11 5:26 ` jdow
2006-06-11 6:12 ` Willy Tarreau
2006-06-11 16:02 ` Folkert van Heusden
2006-06-11 17:54 ` Lee Revell
2006-06-11 18:54 ` David Miller
2006-06-12 9:09 ` Matthias Andree
2006-06-12 11:32 ` Nikita Danilov
2006-06-12 14:52 ` Jeff Garzik
2006-06-12 20:00 ` David Miller
2006-06-12 22:29 ` Jesper Juhl
2006-06-12 22:48 ` David Miller
2006-06-12 22:57 ` Jesper Juhl
2006-06-13 3:54 ` VGER does gradual SPF activation (FAQ matter) - Alternative Marc Perkel
2006-06-13 4:51 ` David Miller
2006-06-13 13:41 ` VGER does gradual SPF activation (FAQ matter) Athanasius
2006-06-11 17:31 ` Marc Perkel
2006-06-11 18:50 ` Florian Weimer
[not found] ` <20060611072223.GA16150@flint.arm.linux.org.uk>
2006-06-12 8:32 ` Matti Aarnio
2006-06-12 8:40 ` Russell King
2006-06-12 9:57 ` Neil Brown
2006-06-12 15:55 ` Russell King
2006-06-12 20:06 ` Zwane Mwaikambo
2006-06-12 11:22 ` David Woodhouse
2006-06-12 15:41 ` Simon Oosthoek
2006-06-12 22:55 ` Matthias Andree
2006-06-13 17:41 ` Matti Aarnio
2006-06-12 9:05 ` Matthias Andree
2006-06-12 17:28 ` Matthew Frost
2006-06-13 0:12 ` David Woodhouse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='192101c68d00$8c7d0dc0$0225a8c0@Wednesday' \
--to=jdow@earthlink.net \
--cc=dwmw2@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matti.aarnio@zmailer.org \
--cc=mf.danger@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox