Thomas | 20 Dec 01:53

Newbie Question

I just started work as a tech for an ISP. 
I was setting up email for a client today. 
He changed ISPs because someone 
was sending Spam from his email account(s).
I understand I can set up an SPF record on his end.
How do you get all other mail servers to check for the record? 
It seems that even if this is set up, and millions 
of pieces of spam are being blasted as coming from this
account, unless every mail server receiving them is 
checking for SPF records,
it's not going to help. Am I reading this wrong? 
Any guidance would be appreciated.

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/1020/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/1020/
Modify Your Subscription: http://v2.listbox.com/member/?member_id=6959933&id_secret=77859031-8df6fa
Powered by Listbox: http://www.listbox.com

Scott Kitterman | 20 Dec 02:35

Re: Newbie Question

On Thu, 20 Dec 2007 00:55:56 +0000 (UTC) Thomas <supamaki <at> gmail.com> wrote:
>I just started work as a tech for an ISP. 
>I was setting up email for a client today. 
>He changed ISPs because someone 
>was sending Spam from his email account(s).
>I understand I can set up an SPF record on his end.
>How do you get all other mail servers to check for the record? 
>It seems that even if this is set up, and millions 
>of pieces of spam are being blasted as coming from this
>account, unless every mail server receiving them is 
>checking for SPF records,
>it's not going to help. Am I reading this wrong? 
>Any guidance would be appreciated.
>

You aren't entirely wrong.  For a perfect result, that's correct, but we 
don't generally need to be perfect.  All we need is enough rejection to 
deter spammers from forging SPF protected domains.  Many people, myself 
included, have experienced a major decline in bounces due to spammers 
forging their domains.  Of course not everyone is deterred, so YMMV.

Scott K


Graham Beneke | 20 Dec 09:24

Re: Newbie Question

Thomas wrote:
> I just started work as a tech for an ISP. 
> I was setting up email for a client today. 
> He changed ISPs because someone 
> was sending Spam from his email account(s).
> I understand I can set up an SPF record on his end.
> How do you get all other mail servers to check for the record? 
> It seems that even if this is set up, and millions 
> of pieces of spam are being blasted as coming from this
> account, unless every mail server receiving them is 
> checking for SPF records,
> it's not going to help. Am I reading this wrong? 
> Any guidance would be appreciated.
> 

Not all servers are currently checking SPF and there is no way to force 
them to do so. All you can do is canvass the mail admins and evangelise 
the SPF concept.

That said - it is my personal experience that there is currently a 
significant number of servers that are checking SPF and once you 
implement an SPF record it quickly stops being viable for the spammers 
to spoof your domain.

It usually takes about 2-4 weeks for the spammers to realise that they 
are getting high numbers of rejections from a specific domain and they 
then remove you from their database.

-- 
Graham Beneke