Autore: Simon Hobson Data: To: dng Oggetto: Re: [DNG] Is t worth the effort for SPF?, DMARC>, DKIM?, etc
terryc <terryc@???> wrote:
>> You can also publish DKIM and SPF records so as to produce
>> DMARC-aligned authentication for any hosted domain. Users won't
>> notice any difference.
>
> Does anyone have any figures on how effective these methods are?
> It seems we get a new idea every few years and none make the slightest
> difference in spam levels.
At blocking spam, no idea - but as you say, doesn't seem to have reduced spam much as there are still plenty of compromised systems that can send "legitimate" mail via their configured mail server.
But they are highly effective at breaking things that were once considered, and IMO still are, legitimate activities - such as forwarding mail from one mail account to another. But I suspect the big players consider that a good thing as it tends to make people more inclined to use their broken services.
> The only result is that there is now an industry of religious extremism
> in "blacklisting" sites that don't follow their desired implementation.
Agreed
>> Currently, the RFC allows anything in the HELO name.
>
> Brings back memories of my first linux mailer SMTP, where it came with
> teo alternative sets of greetings. I always preferred the second option
> of;
> "Who are you going to pretend to be today" and the response
> "Thrilled beyond bladder control to meet you"
> and so on.