[spambayes-dev] Possible new header parsing option...

combover combover at mn.rr.com
Wed Apr 28 03:03:57 EDT 2004

Was looking over SPF (http://spf.pobox.com) last weekend, and it looks 
very promising - already a handful of major domains have implemented it. 
Of course, the headers that will be associated with SPF's checks:
will not be widely used until the major MTAs provide that option, but it 
seems to me that they could prove to be valuable tokens at the very 
least, and there might be a possibility of creating a SpamBayes plugin 
script to do the checking at the client level.

Then again, my understanding of how MTAs work and where exactly SPF 
checks would need to occur is not the best. Again, this isn't going to 
be the most useful until the majority of domains have published records, 
but would be beneficial once that point is reached.

My one concern with the specification itself, though, is: what's to stop 
spammers from forging these headers themselves? Is there a mechanism in 
the existing MTA plugins to discard any SPF headers already in place in 
a received mail? I know this is probably not the best place for those 
concerns, so maybe i'll subscribe to their dev list...

More information about the spambayes-dev mailing list