[Greylist-users] relay identification

Franck Arnaud franck at nenie.org
Fri Jan 9 04:41:27 PST 2004

Tim Freeman:

> Because my machine does SPF checking, it can distinguish
> emails forged to be from aol from real emails from aol,

But it can also catch real users who use aol return 
addresses but do not send through AOL (e.g. using their 
ISP or work smarthost). That's one half of the SPF 
adoption problem: teach legitimate users the new rules, 
the other half is that it's of rather limited use if it's 
not universally applied (spammers can check too and 
fake only non-SPF domains); and technically, overloading 
the text record is ugly and lazy, why couldn't they 
get a RR number allocated?

> and it rejects the former without sending a bounce 
> message to the unfortunate joe-jobbed aol user in 
> the envelope from.

If you do all your bouncing through SMTP failure 
replies this should not happen anyway.

More information about the Greylist-users mailing list