On 3/12/24 11:40, Julian H. Stacey wrote:
I'm interested what independent mailman-users@ think on technical issues of DKIM/SPF, but `advice' from fined monopolist google Not wanted.
Search RISKS archives around the time SPF was introduced, that's about the earliest discussion I know of.
Non-technically it's snake oil, obviously: nothing is stopping me from buying a domain (in "national alphabets", too, so there's no shortage of names) using a stolen credit card number, "protect it" so noting comes up in whois, add all the DMARC/DKIM/SPF records imaginable, and start spamming like there is no tomorrow. Once it's blacklisted by everyone: ditch it and buy another. Rinse, lather, repeat.
It's only stopping the small mom-and-pop spammers. And mailman users.
Dima