[Asrg] where the message originated (was: DKIM role?) (SM)
Ian Eiloart
iane at sussex.ac.uk
Tue Jan 20 08:13:05 PST 2009
--On 20 January 2009 07:10:15 -0500 Rich Kulawiec <rsk at gsp.org> wrote:
> On Tue, Jan 20, 2009 at 11:49:40AM +0000, Ian Eiloart wrote:
>> Only when DKIM and SPF are in wider use will a centralised
>> reputation system be very useful.
>
> Don't hold your breath. SPF is dead -- and good riddance, it was a very
> stupid idea -- and a centralized reputation system of any kind would
> be a disaster. It's one of the very last things anyone who is actually
> opposed to spam should ever want to see happen.
So dead that of hotmail.com, gmail.com, mac.com, apple.com, microsoft.com,
facebook.com, ebay.com only er..., all of them publish SPF records.
Hmm, lets take a look at the email I've received today. These are the top
20 domains that have delivered to one of my cluster machines. Several of
the domains do use -all in their records, but most don't.
Facebookmail.com top the list at 10% of inbound mail. They do publish spf
records. Of the rest, three yahoo domains, and one other don't have spf
records. One is ours, one is null (bounces), and the remaining 13 domains
all do publish spf records.
The 14 domains in the top 20 account for 28% of all the email that we
accepted for delivery. That's certainly enough to justify building a local
whitelisting mechanism against.
--
Ian Eiloart
IT Services, University of Sussex
x3148
More information about the Asrg
mailing list