[thelist] Someone stole my email address

Pete Freitag pf at cfdev.com
Thu Apr 21 10:57:22 CDT 2005

Gilles Beauregard wrote:

> SPF, is just another useless trick to fight spam.
> In plain, this DON'T work to fight spam.

First, no SPF is not mandatory, no one will block you because you don't 
have it, besides maybe a few hermit geeks.

SPF is NOT a useless trick - SPF is really useful for fighting address 
spoofing, which spammers often do. With SPF in place, it forces them to 
use their own domains for spamming, rather than spoofing hotmail, or 
other domains.

SPF is also incredibly useful for fighting phishing attacks. Even though 
it took PayPal a while, they now have SPF records which means if your 
email filter uses SPF you won't see any phisihing attacks that fake the 
paypal address.

It gets complicated however, Sender-ID which uses SPF records basically 
will check the From: header in the email (the address your mail client 
shows you), SPF 1.0 will check the MAIL FROM: address passed during the 
SMTP transaction.


Pete Freitag
work: http://www.cfdev.com/
blog: http://www.petefreitag.com/
shop: http://www.dealazon.com/

Author of the CFMX Developers Cookbook

More information about the thelist mailing list