Why SPF over PTR?
phn at icke-reklam.ipsec.nu
phn at icke-reklam.ipsec.nu
Mon Nov 29 22:39:22 UTC 2004
Ludwig77 <gregrjones at yahoo.com> wrote:
> I must not be understanding SPF correctly because I don't understand
> why it is better for preventing sender domain forgeries than doing a
> simple PTR lookup.
> Wouldn't a simple comparison of the sender's IP address to their
> domain name via a PTR record lookup be sufficient to check for
> forgeries? I realize that not everyone has PTR records, but more have
> PTR records than SPF records.
> What am I missing?
Not much ...
A lot of spam is stopped by comparation of forward<>PTR
as one "test-box" compare these figures :
TOTAL=82, SPAM=61, (74% ) , Accepted= 21, Mon Nov 29 23:28:29 CET 2004
Sorbs Manet Manet-2 Spamcop SpamTrap Manual RelayDeny No-rDNS Forged
6 1 0 2 3 32 2 11 4
61 spam arrived, 11 failed PTR comparation. Small numbers but they seem
consistent from day-to-day.
And yes, serious mail-providers has matching PTR records.
SPF , well, you will have to look long before finding someone
cared to create them. Still you cannot rely on them until
pretty much everyone "serious" has SPF-records, in the meantime
spam will flow from all other places.
Yes, SPF is in the right direction, but as we can not force
everyone to use them, they simply not usable(yet)
My personal view is that we have to travel the legal way, make
it illegal to spam, and in addition make producers responsible
for goods sold via spam. This last part is tricky, but seems
needed to actually make spamming unprofitable. The fact that
a vendor can hide behind an anonymus spammer is part of the
current problem.
CAN-SPAM and it's european companion has a long way to go
before they are useful.
--
Peter Håkanson
IPSec Sverige ( At Gothenburg Riverside )
Sorry about my e-mail address, but i'm trying to keep spam out,
remove "icke-reklam" if you feel for mailing me. Thanx.
More information about the bind-users
mailing list