On Nov 14, 2006, at 5:58 AM, Steven M. Bellovin wrote:
> The most important reason not to use SPF or DKIM, though, is that as
> anti-spam mechanisms they simply don't work.  Spammers create many new
> domains, use them for a day or so, then abandon them.  In fact, they
> populate their zones with SPF records.  What, precisely, are they good
> for?  Let me put it another way -- how much of the spam you receive  
> would
> have been blocked because it impersonated some zone you know,  
> rather than
> coming from some domain you've never heard of?

Sadly, lots of people are picking up on SPF and using it as input to  
a spam/ham scoring engine so for those of us whose ISP's and colo  
facilities don't correctly do rDNS, having SPF records helps to  
increase our score so we can hopefully get mail to thumbsucking mail  
server admins who think rDNS provides useful information.

This whole science-experiment mentality around anti-spam has got to  
stop.  For example, if you use vacation(1), then you are quite likely  
to find your mail server listed in Spamcop. If you run a mailing list  
and have it set to send out responses for posts by users not  
subscribed to the list, you will also find yourself listed in  
Spamcop.  ( http://www.spamcop.net/fom-serve/cache/329.html )