<p dir="ltr">Then of course there are tons of email servers that don't provide it. </p>
<br><div class="gmail_quote"><div dir="ltr">On Thu, Dec 15, 2016, 4:25 AM Bob Jonkman <<a href="mailto:bjonkman@sobac.com">bjonkman@sobac.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">-----BEGIN PGP SIGNED MESSAGE-----<br class="gmail_msg">
Hash: SHA1<br class="gmail_msg">
<br class="gmail_msg">
Chamunks writes<br class="gmail_msg">
> most of the big email providers will reject those [invalid<br class="gmail_msg">
> attempts]<br class="gmail_msg">
<br class="gmail_msg">
And that's the problem. A server which strictly accepts only mail that<br class="gmail_msg">
passes DKIM and SPF (and DMARC) checks will not let any spam through,<br class="gmail_msg">
but at the expense of false positives (unwanted rejections) from those<br class="gmail_msg">
mail servers that don't implement DKIM or SPF.<br class="gmail_msg">
<br class="gmail_msg">
I see that SPF has finally graduated to "Standards Track" from<br class="gmail_msg">
"Experimental", but none of these protocols are required for<br class="gmail_msg">
conformance to the mail standards of RFC5321<br class="gmail_msg">
<a href="https://tools.ietf.org/html/rfc5321#section-3.6.2" rel="noreferrer" class="gmail_msg" target="_blank">https://tools.ietf.org/html/rfc5321#section-3.6.2</a><br class="gmail_msg">
<br class="gmail_msg">
- --Bob, who wonders why RFC5321 isn't part of STD10<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
On 2016-12-15 12:13 AM, Chamunks wrote:<br class="gmail_msg">
> @Bob I find that for the most part what I've read is that as long<br class="gmail_msg">
> as you use DKIM and SPF records you can basically prevent spoofing.<br class="gmail_msg">
> There still will be a few people that try but most of the big email<br class="gmail_msg">
> providers will reject those from what I read.<br class="gmail_msg">
><br class="gmail_msg">
> On Wed, Dec 14, 2016 at 9:06 PM Hubert Chathi <<a href="mailto:hubert@uhoreg.ca" class="gmail_msg" target="_blank">hubert@uhoreg.ca</a>><br class="gmail_msg">
> wrote:<br class="gmail_msg">
><br class="gmail_msg">
>> On Wed, 14 Dec 2016 15:30:16 -0500, Bob Jonkman<br class="gmail_msg">
>> <<a href="mailto:bjonkman@sobac.com" class="gmail_msg" target="_blank">bjonkman@sobac.com</a>> said:<br class="gmail_msg">
>><br class="gmail_msg">
>>> Jason wrote:<br class="gmail_msg">
>>>> If [a spammer] get a notification for blocked messages,<br class="gmail_msg">
>>>> [spammer] can iterate parameters until you figure out the<br class="gmail_msg">
>>>> exact configuration.<br class="gmail_msg">
>><br class="gmail_msg">
>>> Even worse, it causes spam backscatter. If a spammer spoofs<br class="gmail_msg">
>>> your email address as sender, then when my mail server sends<br class="gmail_msg">
>>> back a delivery failure message it'll go to you. It's a clever<br class="gmail_msg">
>>> way for spammers to get their mail to you via my spam rejection<br class="gmail_msg">
>>> rules.<br class="gmail_msg">
>><br class="gmail_msg">
>> Yes, that's why it's better to reject mail at SMTP-time, rather<br class="gmail_msg">
>> than to accept mail and then generate a bounce email. That way,<br class="gmail_msg">
>> it's the sender's server who generates the bounce email, and<br class="gmail_msg">
>> presumably they know the actual sender.<br class="gmail_msg">
>><br class="gmail_msg">
>> Allowing servers to send mail on behalf of other people is quite<br class="gmail_msg">
>> a handy feature of email (it allows, for example, email lists and<br class="gmail_msg">
>> forwarders), but causes spam problems.<br class="gmail_msg">
>><br class="gmail_msg">
>><br class="gmail_msg">
>> _______________________________________________ kwlug-disc<br class="gmail_msg">
>> mailing list <a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
>> <a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
>><br class="gmail_msg">
>><br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
><br class="gmail_msg">
> _______________________________________________ kwlug-disc mailing<br class="gmail_msg">
> list <a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
> <a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
><br class="gmail_msg">
<br class="gmail_msg">
- --<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
- --<br class="gmail_msg">
Bob Jonkman <<a href="mailto:bjonkman@sobac.com" class="gmail_msg" target="_blank">bjonkman@sobac.com</a>> Phone: +1-519-635-9413<br class="gmail_msg">
SOBAC Microcomputer Services <a href="http://sobac.com/sobac/" rel="noreferrer" class="gmail_msg" target="_blank">http://sobac.com/sobac/</a><br class="gmail_msg">
Software --- Office & Business Automation --- Consulting<br class="gmail_msg">
GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
-----BEGIN PGP SIGNATURE-----<br class="gmail_msg">
Version: GnuPG v2<br class="gmail_msg">
Comment: Ensure confidentiality, authenticity, non-repudiability<br class="gmail_msg">
<br class="gmail_msg">
iEYEARECAAYFAlhSYOwACgkQuRKJsNLM5eoUowCgrJrRJDCMGSgXFUMS+UgiaZhl<br class="gmail_msg">
L24AnAiIUKTI4ADdEKbGtiekKPaG2iws<br class="gmail_msg">
=NxtS<br class="gmail_msg">
-----END PGP SIGNATURE-----<br class="gmail_msg">
<br class="gmail_msg">
<br class="gmail_msg">
_______________________________________________<br class="gmail_msg">
kwlug-disc mailing list<br class="gmail_msg">
<a href="mailto:kwlug-disc@kwlug.org" class="gmail_msg" target="_blank">kwlug-disc@kwlug.org</a><br class="gmail_msg">
<a href="http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org" rel="noreferrer" class="gmail_msg" target="_blank">http://kwlug.org/mailman/listinfo/kwlug-disc_kwlug.org</a><br class="gmail_msg">
<br class="gmail_msg">
</blockquote></div>