Spammers Skirt IP Authentication Attempts

Date: Mon, 06 Sep 2004 13:42:22 -0600
From: Jawaid Bazyar

1) Domains spammers own will quickly become blacklisted.
   Spammers will be forced to purchase register tons of
   domains in order to continue spamming. However their

Or use SPF-less domains.

2) Pressure will quickly mount on domains that don't
   facilitate authentication, with the effect snowballing
   over time. This will ensure system-wide adoption of close
   to 100% fairly quickly.

There's a spark of optimism buried deep inside me that really
wants to believe that. SAV has made me more cynical. :-/

There's something else you're not granting here, however.
Once the domains that are commonly used for forged headers
get "protected" with an authentication mechanism, I as a
system administrator no longer have to spend excessive time
and effort trying to distinguish between spam with that
domain name and legitimate email with that domain name.

Agreed entirely; IIRC, I think I said something similar a few
weeks back. SPF is a useful data point -- we use ~19 RBLs as
data inputs, and no one can authoritatively nail email as spam.
Even if "SPF pass" is totally useless, I'd be surprised if "SPF
fail" didn't indicate a high probability of spam.

Instead of lookups on numerous RBLs and numerous other CPU
and network-intensive checks, I can simply trust email from,,, - and these comprise
enough of my email load that I will get an instant resource
utilization benefit from knowing that email from
is really from and short-circuiting all the spam
checks I usually do.

Very good point. No disagreement here. However, I didn't like
the article's overgeneralized "News flash! whitelisting all 'SPF
pass' entries will let spam by!" attitude. Anyone whitelisting
mail that has a valid SPF entry is nuts.

Thus even if authentication should never become 100% and even
if it doesn't stop spam, I still get a net benefit.

Definitely. It's increased information... not enough for
"perfect" decisions, but enough for "better" decisions.