On Tue, 24 Nov 2009 11:50:54 EST, Brad Laue said:
maintained. I'm unclear as to why mail administrators don't work more proactively with things like SenderID and SPF, as these seem to be far more maintainable in the long-run than an ever-growing list of IP address ranges.
There's a difference between maintainable and usable. Yes, letting the remote end maintain their SenderID and SPF is more scalable, and both do at least a plausible job of answering "Is this mail claiming to be from foobar.com really from foobar.com?". However, there's like 140M+ .coms now, and neither of them actually tell you what you really want to know, which is "do I want e-mail from foobar.com or not?". Especially when the spammer is often in cahoots with the DNS admins... On the other hand, I can, by looking at my logs, develop a fairly good sense of "do I have any real non-spam traffic from that address range?". Yes, it's more work, but it's also more likely to actually answer the question that I wanted answered.