More SenderID Bashing


Looks like another company wants to generate some good PR buzz by bashing Microsoft and bashing SenderID. This is just like my article from last fall. A company has breathlessly reported that spammers are using SenderID. It's not that bad.

MXLogic's press release is parroted by techwebnews (parent of SecurityPipeline). They say that spammers use SPF to get an air of legitimacy to their email. I would argue that any spam filter that determines legitimacy by the presence of an SPF record is flawed. It's like the old SpamAssassin problem. SA automatically whitelisted anyone who signed their mail with a digital signature. Does that indicate a problem with the digital signature? No, it indicates a bad implementation.

SPF is about reputation and accreditation. A domain owner publishes who is allowed to send mail from that domain. Everyone else is considered questionable. That cuts down on spam and viruses using common domain names or your own company domain name. So the spammer registers throwaway domains and creates an SPF record. You still have your other spam filters. You still have the ability to blacklist.

Meng Wong provides an illustration.
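The difference between the two filter designs described above, as an added example that is not from the original post or from any product it mentions. The messages, domain names, blacklist entry and scoring weights are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Message:
    mail_from_domain: str  # domain of the envelope sender
    spf_result: str        # "pass", "fail", "softfail" or "none"
    content_score: float   # output of the other spam filters, higher = spammier

SPAM_THRESHOLD = 5.0                      # hypothetical threshold
DOMAIN_BLACKLIST = {"pills-4u.example"}   # constructed throwaway domain
SPF_PENALTY = {"fail": 4.0, "softfail": 2.0}  # hypothetical weights

def flawed_verdict(msg: Message) -> str:
    """Bad implementation: a passing SPF record is treated as legitimacy."""
    if msg.spf_result == "pass":
        return "deliver"  # whitelisted, the other filters are never consulted
    return "spam" if msg.content_score >= SPAM_THRESHOLD else "deliver"

def sound_verdict(msg: Message) -> str:
    """SPF only says whether the domain owner authorized this sender."""
    # A pass means the domain name is genuine, so a domain blacklist
    # can be applied to it without punishing a forgery victim.
    if msg.spf_result == "pass" and msg.mail_from_domain in DOMAIN_BLACKLIST:
        return "spam"
    # Unauthorized senders are questionable: add weight, never subtract it.
    score = msg.content_score + SPF_PENALTY.get(msg.spf_result, 0.0)
    return "spam" if score >= SPAM_THRESHOLD else "deliver"

# Constructed sample messages.
SAMPLES = {
    "blacklisted throwaway domain with SPF": Message("pills-4u.example", "pass", 3.0),
    "new throwaway domain with SPF": Message("fresh-deals.example", "pass", 7.5),
    "forgery of your own domain": Message("mycompany.example", "fail", 2.0),
    "legitimate partner mail": Message("partner.example", "pass", 0.5),
    "domain without an SPF record": Message("oldhost.example", "none", 1.0),
}

def compare() -> dict:
    """Return {label: (flawed, sound)} for every sample message."""
    return {k: (flawed_verdict(m), sound_verdict(m)) for k, m in SAMPLES.items()}

if __name__ == "__main__":
    for label, (flawed, sound) in compare().items():
        print(f"{label:40} flawed={flawed:8} sound={sound}")
```
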

About this Entry

This page contains a single entry by Roger published on July 12, 2005 6:37 PM.
