Story: Experts clash over merits of anti-spam authentication
SPF is designed to stop email forgery. It is not designed to tell you if any given email is spam or not. While a lot of spam uses forged email addresses, and thus SPF failures are often a good indicator of spam, forged email is often undesirable, even if it is not explicitly spam.
Fitzgerald saying that SPF is "breakable" by having bot nets no longer forge email addresses is kind of silly. The world would be a much better place if all spammers and phishers did exactly what Fitzgerald suggests. It would mean a large reduction in the amount of bounced spam going to the wrong person and having people blame you just because your email address was forged.
I am sad that both Outblaze and Earthlink have removed their support of SPF. On the other hand, other major ISPs, such as Roadrunner, have added support for SPF during that same time period. While it would be nice if there was a steady increase in SPF support, I am not surprised that various organizations have been adding and deleting SPF records, as they have since the beginning.
SPF allows you to apply reputations to incoming email, so that known spamming domains can be blocked, and known good domains can be let through, even if the email uses a few spammy keywords. Many spammers are stupid and will publish SPF records even if it hurts them. Even more marketing departments think what they are doing isn't spamming, and so they publish SPF records too.
I've never figured out why folks like CipherTrust are so worried when lots of email that is spam shows up with valid SPF records. This, again, is a good thing. It lets us block them easier.
I don't believe any single system will stop spam. I think that DNSBLs, Bayesian analysis, SPF, DKIM, DCC/Razor, detection of deceptive HTML, legal pursuit, ISPs kicking off spammers, etc. all can play an important part in reducing spam. Spam, like other forms of theft, will never go away, but to stop theft we don't *just* depend on the police. We also have locks on our doors, we have neighborhood watches, we keep doors well lit, etc.
Full Talkback thread
Hi I manage the antispam ops at Outblaze, and we'r... Suresh Ramasubramanian -
SPF is designed to stop email forgery. It is... Wayne Schlitt -
SPF was merely intended as an anti-forgery solutio... Neil Murray -
I would be very happy to have viruses stop forging... Anonymous -
Mail authentication is wishful thinking because it... Arthur B.