[spambayes-dev] Possible new header parsing option...
combover at mn.rr.com
Wed Apr 28 03:03:57 EDT 2004
Was looking over SPF (http://spf.pobox.com) last weekend, and it looks
very promising - already a handful of major domains have implemented it.
Of course, the headers that will be associated with SPF's checks:
will not be widely used until the major MTAs provide that option, but it
seems to me that they could prove to be valuable tokens at the very
least, and there might be a possibility of creating a SpamBayes plugin
script to do the checking at the client level.
Then again, my understanding of how MTAs work and where exactly SPF
checks would need to occur is not the best. Again, this isn't going to
be the most useful until the majority of domains have published records,
but would be beneficial once that point is reached.
My one concern with the specification itself, though, is: what's to stop
spammers from forging these headers themselves? Is there a mechanism in
the existing MTA plugins to discard any SPF headers already in place in
a received mail? I know this is probably not the best place for those
concerns, so maybe i'll subscribe to their dev list...
More information about the spambayes-dev