Re: [suse-security] Email Spoofing

[Markus Gaugusch <markus@xxxxxxxxxxx>]

On Jul 21, Dirk Schreiner <dirk.schreiner@xxxxxxx> wrote:

> suse@xxxxxx schrieb:
>
> > Quoting Markus Gaugusch <markus@xxxxxxxxxxx>:
> >
> > > I would suggest to use SPF (http://spf.pobox.com). This way you can
>
> > SPF is not a viable solution.
>
> Full ack ;-)
>
> SPF causes tons of trouble and no real benefit.

I've been using it for more than a month now and i haven't had a single 
problem. It may be a problem for larger setups with users that are 
distributed through the net. But most private domain owners and smaller 
companies should be just fine with it.

Yes, it breaks forwarding. But facing the amount of spam, the number of 
mails that bounce because of incorrect (old-style) forwarding should be 
neglegible.

If anyone here finds a better solution, without breaking anything in the 
existing system - you are welcome to tell us. I think that SPF is the best 
we can get without breaking too much of existing SMTP.

SPF goes a logical way - the domain owner does not only tell which 
machines receive his mail (MX), but also which machines are allowed to 
send mails with his domain.

Markus

--
__________________    /"\
Markus Gaugusch       \ /    ASCII Ribbon Campaign
markus(at)gaugusch.at  X     Against HTML Mail
                      / \

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here