[extropy-chat] SPAM: dealing with forgeries
Robert J. Bradbury
bradbury at aeiveos.com
Thu May 13 19:31:50 UTC 2004
As many of you know the standard mail transfer protocol on
the Net that is quite old and it doesn't normally prevent
people from "claiming" an email message is from you.
In that case, if a virus or SPAM or malware detection program
detects a nasty message in the email it may get sent back to you
or they may even inform your ISP or one of the "blacklist"
providers that you sent SPAM when you really did not.
The proposed solution to this is the "Sender Policy Framework"
developed late last year which operates by adding text (TXT)
records to your Name Server information so you can tell the
mail receiving programs which of your systems are really
authorized to send mail from your domain. If the mail
receiving program receives mail from a system in taiwan
and that system isn't authorized to send mail from your
domain then it is immediately rejected as a forgery
(which lets you [most probably] off the hook).
See: http://spf.pobox.com/
I just set this up for aeiveos.com and it was fairly quick
using their wizard: http://spf.pobox.com/wizard.html
and some quick entries to the nameserver description
files for my domain. If you have a remotely hosted
domain you may need to talk to your hosting agent or
your ISP about how to have this setup.
They document some of the ISPs and companies using (and not
using) SPF at this time from some of the links found here:
http://spftools.infinitepenguins.net/register.php
Robert
More information about the extropy-chat
mailing list