From: Willy Tarreau <w@1wt.eu>
To: jdow <jdow@earthlink.net>
Cc: Neil Brown <neilb@suse.de>, David Woodhouse <dwmw2@infradead.org>,
Matti Aarnio <matti.aarnio@zmailer.org>,
linux-kernel@vger.kernel.org
Subject: Re: VGER does gradual SPF activation (FAQ matter)
Date: Sun, 11 Jun 2006 08:12:10 +0200 [thread overview]
Message-ID: <20060611061210.GA13255@w.ods.org> (raw)
In-Reply-To: <193f01c68d17$92570ae0$0225a8c0@Wednesday>
Hi,
On Sat, Jun 10, 2006 at 10:26:19PM -0700, jdow wrote:
> No sir. FAIL and SOFT_FAIL prove nothing. PASS proves remarkably
> little. SPF is not a good criterion for much of anything.
>
> >I think kernel.org is a great site to be an early adopter because:
> > - the mail it transports isn't critical
> > - it interacts with a very large number of mail sites
> > - it's customers are reasonably technology-savvy.
>
> It would be a good site to adopt it outgoing. But adopting it as an
> incoming message filter is silly.
So by your definition, this method is useful only on outgoing emails
but never on incoming ones. I fail to see how it might be useful
outgoing if nobody checks incoming emails...
> >(No, SPF doesn't stop spam, but it can increase accountability so that
> >white/black lists can begin to be more usable).
>
> It does not even do that conclusively. Many of us wish it did. But if
> a spammer can post his own spf records he can claim what he wants
> about email sources. DNS cache poisoning attacks assure that this can
> take place even for sites you might control.
I think that *nobody* can tell whether the result will have positive
or negative effect. This list is populated by technical people who
will be able to participate to the test. A first approach would be
to add a header to the incoming emails telling how they have been
classified, so that people know if their config could lead them to
being blocked in the future. If, after a long test period, we notice
that it causes lots of false positives and that spams still don't
get detected, it may be time to give up on this method. Conversely,
if it turns out that only spam gets detected and that we have no
false positives, why not go one step further then ?
> {^_^} Joanne Dow said that. Seriously, I recommend a pass through the
> old SpamAssassin users mailing list for past discussions. An
> SPF_HELO_SOFTFAIL is the only thing given a sizeable score.
Regards,
Willy
next prev parent reply other threads:[~2006-06-11 6:12 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-10 22:27 VGER does gradual SPF activation (FAQ matter) Matti Aarnio
2006-06-10 23:06 ` David Woodhouse
2006-06-11 0:16 ` Rik van Riel
2006-06-11 0:44 ` David Woodhouse
2006-06-11 13:02 ` Theodore Tso
2006-06-11 13:55 ` Rik van Riel
2006-06-11 14:03 ` Avi Kivity
2006-06-12 8:47 ` Matthias Andree
2006-06-12 10:17 ` Neil Brown
2006-06-12 10:35 ` David Woodhouse
2006-06-12 11:07 ` Matthias Andree
2006-06-11 2:24 ` marty fouts
2006-06-11 2:41 ` jdow
2006-06-11 2:58 ` David Schwartz
2006-06-11 5:17 ` jdow
2006-06-12 8:18 ` Bernd Petrovitsch
2006-06-12 8:23 ` jdow
2006-06-12 8:31 ` Bernd Petrovitsch
2006-06-12 9:47 ` Neil Brown
2006-06-12 10:30 ` Alan Cox
2006-06-12 10:33 ` Neil Brown
2006-06-12 17:37 ` Gerhard Mack
2006-06-12 18:14 ` Krzysztof Halasa
2006-06-12 18:46 ` jdow
2006-06-12 19:16 ` Krzysztof Halasa
2006-06-12 21:51 ` Bernd Petrovitsch
2006-06-13 21:12 ` David Woodhouse
2006-06-12 9:53 ` Alan Cox
2006-06-12 10:01 ` Bernd Petrovitsch
2006-06-12 11:14 ` Matthias Andree
2006-06-12 10:58 ` Neil Brown
2006-06-12 11:22 ` Matthias Andree
2006-06-12 11:42 ` Kyle Moffett
2006-06-13 23:32 ` Scott Lockwood
2006-06-13 23:42 ` Kyle Moffett
2006-06-14 0:02 ` Neil Brown
2006-06-14 10:20 ` Matthias Andree
2006-06-16 3:53 ` Kyle Moffett
2006-06-12 8:27 ` Bernd Petrovitsch
2006-06-12 20:25 ` Horst von Brand
2006-06-12 21:10 ` Nick Warne
2006-06-12 22:06 ` Jesper Juhl
2006-06-12 22:12 ` Randy.Dunlap
2006-06-12 23:03 ` jdow
2006-06-13 3:00 ` Horst von Brand
2006-06-13 5:54 ` jdow
2006-06-13 8:36 ` Bernd Petrovitsch
2006-06-13 9:58 ` Marc Perkel
2006-06-13 13:28 ` Horst von Brand
2006-06-13 14:34 ` David Woodhouse
2006-06-13 9:05 ` David Woodhouse
2006-06-13 10:45 ` Matthias Andree
2006-06-13 12:24 ` David Woodhouse
2006-06-13 12:49 ` Matthias Andree
2006-06-13 13:10 ` David Woodhouse
2006-06-13 15:19 ` Marc Perkel
2006-06-13 15:57 ` Auke Kok
2006-06-13 19:54 ` David Woodhouse
2006-06-13 20:31 ` Lennart Sorensen
2006-06-13 20:48 ` David Woodhouse
2006-06-15 17:05 ` Keith Owens
2006-06-15 23:14 ` Wakko Warner
2006-06-13 0:11 ` Phil Oester
2006-06-13 0:26 ` David Miller
2006-06-13 4:18 ` Willy Tarreau
2006-06-13 15:17 ` Joel Jaeggli
2006-06-12 21:43 ` Bernd Petrovitsch
2006-06-13 3:05 ` Horst von Brand
2006-06-13 8:31 ` Bernd Petrovitsch
2006-06-13 10:50 ` Matthias Andree
2006-06-13 13:15 ` Justin Piszcz
2006-06-11 5:09 ` Neil Brown
2006-06-11 5:26 ` jdow
2006-06-11 6:12 ` Willy Tarreau [this message]
2006-06-11 16:02 ` Folkert van Heusden
2006-06-11 17:54 ` Lee Revell
2006-06-11 18:54 ` David Miller
2006-06-12 9:09 ` Matthias Andree
2006-06-12 11:32 ` Nikita Danilov
2006-06-12 14:52 ` Jeff Garzik
2006-06-12 20:00 ` David Miller
2006-06-12 22:29 ` Jesper Juhl
2006-06-12 22:48 ` David Miller
2006-06-12 22:57 ` Jesper Juhl
2006-06-13 3:54 ` VGER does gradual SPF activation (FAQ matter) - Alternative Marc Perkel
2006-06-13 4:51 ` David Miller
2006-06-13 13:41 ` VGER does gradual SPF activation (FAQ matter) Athanasius
2006-06-11 17:31 ` Marc Perkel
2006-06-11 18:50 ` Florian Weimer
[not found] ` <20060611072223.GA16150@flint.arm.linux.org.uk>
2006-06-12 8:32 ` Matti Aarnio
2006-06-12 8:40 ` Russell King
2006-06-12 9:57 ` Neil Brown
2006-06-12 15:55 ` Russell King
2006-06-12 20:06 ` Zwane Mwaikambo
2006-06-12 11:22 ` David Woodhouse
2006-06-12 15:41 ` Simon Oosthoek
2006-06-12 22:55 ` Matthias Andree
2006-06-13 17:41 ` Matti Aarnio
2006-06-12 9:05 ` Matthias Andree
2006-06-12 17:28 ` Matthew Frost
2006-06-13 0:12 ` David Woodhouse
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060611061210.GA13255@w.ods.org \
--to=w@1wt.eu \
--cc=dwmw2@infradead.org \
--cc=jdow@earthlink.net \
--cc=linux-kernel@vger.kernel.org \
--cc=matti.aarnio@zmailer.org \
--cc=neilb@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox