In message <011d01c3e2ca$1b0bdfa0$030d010a(a)doc>, James Spooner writes:
My Point here was that spammers will no longer be able to send from a hotmail/yahoo/aol/etc address using an arbitrary open SMTP relay, which means they will have a harder time maintaining anonymity.
The obvious counter to that -- which I'd assume even spammers could figure out -- is to register a new domain for each spam run through a given open relay. Then they can even put in the SPF records for that relay. This raises the spammers cost, oh, about US$8. It might be enough to cut out the less profitable spammers -- after all it's probably doubling their overheads -- but I imagine all the bigger ones will just keep right on at it. And they can easily register the domain with "anonymous" details. Sure it might eventually get pulled for not having valid details; but by that time it's served its purpose and can be removed anyway. SPF does seem to be a useful step though, as it'll reduce the number of "joe jobs". And hopefully also encourage more people to set up SMTP AUTH and the like. Ewen