[ltp] OT: About third-patry anti-spam protection (some people just don't get it...)

Richard Neill linux-thinkpad@linux-thinkpad.org
Sun, 26 Nov 2006 12:01:40 +0000


Brian Ronald wrote:
> On Sat, 2006-11-25 at 21:41 +0100, Marcin Trybus wrote:
>> So I get this here notice that this here "Darrin" uses some fancy 
>> "protection". 
> 
> I agree completely with every point in your post.  There are other
> reasons for not using challenge based anti-spam, too.  Spams fake their
> sender, meaning that random people can get those notifications for every
> spam sent to an account protected by such.  Since you can't trust the
> From: field anyway, this form of protection is attempting to solve the
> wrong problem.

I run a web server with about 1000 user accounts. Some scoundrel is 
using <random_letters>@myserver.org  as the source of a lot of spam, and 
I get all the bounces. (I'm guessing it's a lot of windows users with 
compromised machines that are the real source). Anyway, I'd like to stop 
these scumballs emitting junk and blackening my name in the process.

Does SPF work well enough to use? If so, can anyone recommend a simple 
tutorial on setting it up?

Thanks - Richard