[RFCI-Discuss] RFC4408 aka SPF
Alex van den Bogaerdt
alex at ergens.op.het.net
Wed Jan 24 08:48:24 EST 2007
On Wed, Jan 24, 2007 at 03:45:23PM +0300, Alexey Lobanov wrote:
> It looks like that spammers have started to abuse RFC4408 with bogus SPF
> records:
Abuse? Use!
> Yes, "+all" is provided as an example in the RFC text. But the nature of
> this "v=spf1 +all" seems to be exactly same as the nature of "IN MX
> localhost". They are trying to fool us, to legitimize mail from every
> trojanned home machine.
They aren't fooling you. They are telling the truth. They authorize
any computer to use their name.
No, this is not even remotely the same as "MX localhost."
> Is this problem within the scope of RFCI? Do we want to build a rhsbl
> database for this class of bad domains?
Whatever they are, they are not RFC ignorant.
All examples you gave are equivalent to "v=spf1 all".
At best you could argue that "+a +mx +all" is unnecessary use of
resources, and thus should be banned.
Alex
More information about the RFCI-Discuss
mailing list