[Greylist-users] Skipping greylisting based on SPF?
Ken Raeburn
raeburn at raeburn.org
Wed Sep 22 12:23:56 PDT 2004
Valor Romá <romalopez at gmail.com> writes:
> Yes, I can confirm you that SPF is pretty reliable.
http://www.eweek.com/article2/0,1759,1642848,00.asp (put out a couple
weeks ago) says two companies, MX Logic Inc and CipherTrust Inc, have
both found that spammers are using SPF in their studies.
MX Logic found that "10 percent of all spam includes such SPF
records."
CipherTrust analyzed ~2M messages from 1000 customers and found that
"spammers are supporting SPF faster than legitimate e-mail senders,
with 38 percent more spam messages registering SPF records than
legitimate e-mail." (Though the CipherTrust web site says 34%, not
38%, and throws around some other numbers.)
Neither of which quite contradicts the idea that SPF records will stop
a lot of spam claiming to be from AOL or whereever.
I hope SPF by itself continues to work for you for a long time. I
just don't believe we can rely on it by itself for very long, at least
for large sites; looking forward, I'd want it combined with something
else, like a manually maintained list of domains, or modified
Greylisting (e.g., treat all the approved sending hosts collectively,
as grouping by /24 subnet tries to approximate, as long as the SPF
spec doesn't indicate that every host on the net should be allowed).
Ken
More information about the Greylist-users
mailing list