Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spoofed From: Prevention

Posted by timothy on from the web-of-trust dept.

An anonymous reader writes "It looks like the next promising advance in the war on spam is here! Introducing SPF: Sender Permitted From. A draft RFC is still being written, but the idea is simple: we can prevent forged emails by having domain owners publish a list of IP addresses authorized to send mail from their domain. It's no silver bullet, but how much spam can we eliminate by preventing forged mail from spoofed domains? Maybe we really don't need anti-spam legislation after all? The SPF site is chock-full of juicy info for our reading enjoyment. Bon appetit!" Interestingly, the to-do list mentions the possibility of seeking a defensive patent on this scheme, too.

3 of 532 comments (clear)

  1. Dear Spammers, by Letter · · Score: 1, Funny
    Dear Spammers,

    I have SPF 45. Your UV rays stand no chance against me.

    Sincerely,
    Letter

  2. Verisign will assume they know better by ziegast · · Score: 3, Funny

    I can't wait to see this published by the GTLD servers:

    *.com. IN TXT "spf=deny"
    *.net. IN TXT "spf=deny"

    -ez

  3. What about... by SharpFang · · Score: 2, Funny

    adding obligatory header "x-spoofed-from" to email headers? Just like the new "evil bit" in TCP...

    --
    45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2