On 04/05/2016 11:33 AM, Andrew Morgan via Info-cyrus wrote:
On Tue, 5 Apr 2016, lst_hoe02--- via Info-cyrus wrote:
Zitat von Binarus via Info-cyrus
<info-cyrus@xxxxxxxxxxxxxxxxxxxx>:
Combine SPF / DKIM with domain blacklisting, and then you
*have* an efficient spam fighting tool.
As stated the spam actually reaching our inboxes after around
90% cutoff is valid DKIM/SPF signed as it is mostly from the big
free providers like Outlook.com, Google and Yahoo. Some other
big share is from professional spam farms with always
alternating IP and Domains ranges from all over the world with
also valid DKIM/SPF. Next big share is from educational servers
also mostly valid DKIM/SPF. The tiny rest with around 10% is in
fact not DKIM/SPF signed.
From the valid e-mail around 20% looks like having a valid
SPF/DKIM, mostly professional newsletters not personal mail from
customers.
So No, SPF/DKIM is no useful spam fighting tool at least not in
our corner of the world.
Another recent standard, DMARC (https://dmarc.org/) allows the
domain owner to specify what the recipient should do with messages
that fail DKIM or SPF checks.
We ran into this recently and discovered that Yahoo's DMARC
records tell the recipient to REJECT messages that fail DKIM or
SPF. Google is honoring that DMARC record by putting the message
into the Spam folder.
This seems like a pretty effective method to prevent someone from
spoofing email from your domain. Of course, it does not prevent
an actual Yahoo account from sending spam, so you still need
traditional spam detection tools as well. However, it is nice
that a third-party sender cannot harm your domain's reputation
through spoofing.
Note: I don't care whether this email list uses SPF or DKIM.
Andy
If you want to see flame wars even more pointless and/or
entertaining than this one, check out the mailing lists for DMARC.
;-) They make these recent exchanges seem quaint by comparison.
_______________________________________________
dmarc-discuss mailing list
dmarc-discuss@xxxxxxxxx
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
FWIW, mailing lists and DMARC make a particularly noxious couple, as
almost all mailing lists will break DMARC, and thus lead to all
sorts of rejections. That very subject is the topic of the most
vitriolic flame wars on the DMARC lists.
Tho, to be honest, I had assumed that the recent changes to the From
and Reply-To headers of this mailing list were undertaken to appease
strict DMARC requirements.
Yes, Google, Yahoo and most of the rest of the Big Boys(c) have
adopted DMARC with "p=reject" (or whatever that setting is.
At the risk of perpetuating this severely off-topic thread, IMHO if
"Binarus" is able to eliminate "90% solely by checking for SPF and
DKIM" then one must question just what the rest of their anti-Spam
measures were doing?
Cheers,
-nic
--
Nic Bernstein nic@xxxxxxxxxxx
Onlight Inc. www.onlight.com
6525 W Bluemound Rd., Ste 24 v. 414.272.4477
Milwaukee, Wisconsin 53213-4073 f. 414.290.0335
|
----
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus