Steve Phillips wrote:
On Thu, 14 Jul 2005, Dan Clark wrote:
I think we're going to have another look at it soon as the general level of SPAM etc seems to be growing by the day.
NOTE: SPF is NOT an anti-spam methodology, it is designed to add a simplistic way to prevent forging of e-mail From: addresses. (the envelope sender to be even more specific)
As a result, implementing SPF will NOT stop the growth of SPAM, it may assist in reducing the number of people that get suckered in by phishing schemes.
It might - IF some local financial organisations adopted SPF: $ host -t txt asb.co.nz asb.co.nz text "ASB Bank, Auckland, NZ" $ host -t txt asbbank.co.nz asbbank.co.nz text "ASB Bank, Auckland, NZ" $ host -t txt westpac.co.nz $ host -t txt westpac.com.au $ host -t txt nbnz.co.nz nbnz.co.nz text "National Bank of New Zealand" $ host -t txt kiwibak.co.nz Host kiwibak.co.nz not found: 3(NXDOMAIN) $ host -t txt kiwibank.co.nz kiwibank.co.nz text "New Zealand Post Limited" And so forth. In fact, out of a small sample of finance organisations in NZ the only one I can find with SPF records is americanexpress (see aexp.com). Although it does reduce phishing from Paypal etc; but the CitiBank and BofA and so forth phishing is unlikely to ever work in NZ because the average NZer won't have an account with them. SPF doesn't solve spam, though. Unauthorised "hijacking" of domains, on the other hand, it might help reduce the occurence of. aj