It's nice that we can invoke the government option for phishing and frauds and such, but wouldn't it be just maybe a little better if folks took it upon themselves to add a little prevention into their setup?
SPF records are a recently RFC'd way to declare to the net "Email from my domain must come from IP address x.y.z.q - ignore all other email claiming to be from me that's not from here."
While this doesn't universally solve the problem of making mail servers actually check SPF, it does at least help protect those people using email services that do check for it - MSM, AOL and Yahoo all check SPF on incoming email.
One SPF problem is that some of the anti-spam systems out there don't even support it by default (for example, Barracuda) while some OSS alternatives at least document how to implement it. (see http://www.piratefish.org).
For more info on setting up your SPF records, visit http://www.openspf.org. If you need a decent anti-spam filter on the cheap, see my site at http://www.piratefish.org
Write Comment
Please keep the topic of messages relevant to the subject of the article.
Personal verbal attacks will be deleted.
Please don't use comments to plug your web site.. Such material will be removed.
