Re: [Asrg] whitelisting links (was Re: misconception in SPF)
John Johnson <jjohnson@jdmc.org> Tue, 11 December 2012 14:53 UTC
Return-Path: <jjohnson@jdmc.org>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 60A0B21F8797 for <asrg@ietfa.amsl.com>; Tue, 11 Dec 2012 06:53:00 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.599
X-Spam-Level:
X-Spam-Status: No, score=-4.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, GB_I_LETTER=-2]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id eRvh-VJD93Or for <asrg@ietfa.amsl.com>; Tue, 11 Dec 2012 06:52:59 -0800 (PST)
Received: from secure.jdmc.org (secure.jdmc.org [164.58.70.160]) by ietfa.amsl.com (Postfix) with ESMTP id D111521F877B for <asrg@irtf.org>; Tue, 11 Dec 2012 06:52:59 -0800 (PST)
Received: from [164.58.70.150] (mail.jdmc.org [164.58.70.150]) by secure.jdmc.org with ESMTP id qBBEqwWE017401 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@irtf.org>; Tue, 11 Dec 2012 08:52:58 -0600
X-Client-IP: 192.168.3.226
X-EnvRcpt: <asrg@irtf.org>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=jdmc.org; s=mail; t=1355237578; bh=c6PO8OyEshcVkMCLZMR+bmMekwAVNkTNLiGS2AwHzbw=; h=Message-ID:Date:From:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; b=mOvqHS+O2EH7rGuOi8xAPx0XS6+KeFh+GXfCPIXB7cbft7j85VKpC353KGKnUrFpG kgxx+pWm0A1GdXLb5lQX0llslEC3iS1/FiZYpx3V3PsdyQyLLG5eXrsa0tPzQ9ChrE h//WIo0jCK1tuzmgJJQXfmMARiUiMuyZkT8on2yI=
X-EnvFrom: jjohnson@jdmc.org
X-LDomain: mail.jdmc.org
X-LCount: 0
X-Vsender: dhcp3-226.jdmc.org [192.168.3.226]
Received: from [192.168.3.226] (dhcp3-226.jdmc.org [192.168.3.226]) (authenticated bits=0) by mail.jdmc.org (8.14.4/8.14.4) with ESMTP id qBBEqt8B015113 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@irtf.org>; Tue, 11 Dec 2012 08:52:58 -0600
Message-ID: <50C748C7.3080104@jdmc.org>
Date: Tue, 11 Dec 2012 08:52:55 -0600
From: John Johnson <jjohnson@jdmc.org>
User-Agent: Thunderbird 2.0.0.24 (X11/20100228)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <0D79787962F6AE4B84B2CC41FC957D0B20ACFFE1@ABN-EXCH1A.green.sophos> <50C5A9A0.105@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD01B2@ABN-EXCH1A.green.sophos> <20121210145627.GA21217@gsp.org> <50C6121D.9040607@dcrocker.net> <50C617A2.8090602@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD5E36@ABN-EXCH1A.green.sophos> <50C644F6.3090901@pscs.co.uk> <0D79787962F6AE4B84B2CC41FC957D0B20AD737F@ABN-EXCH1A.green.sophos> <50C6BDB2.1010407@mustelids.ca> <20121211133727.GA8759@gsp.org> <50C7414C.3030203@mtcc.com>
In-Reply-To: <50C7414C.3030203@mtcc.com>
X-Enigmail-Version: 0.96.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Apparently-To: <asrg@irtf.org>
X-Scanned-By: MIMEDefang 2.72 on 164.58.70.150
X-GlobalCerts-Milter: secure.jdmc.org 11Dec2012-08:52:58.955
Subject: Re: [Asrg] whitelisting links (was Re: misconception in SPF)
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Dec 2012 14:53:00 -0000
Michael Thomas wrote: > Anybody who thinks that using HTML or outsourcers are "worst > practices" is part of the problem, not part of the solution. I highly disagree. A local bank just hired an outside firm to spam a "newsletter" to their customers in my area. It was quite difficult to tell if it was legitimate, as the bank had published SPF records, yet failed to provide the ip's of the outsourcers servers. And then used the banks domain name as the source. This should not be acceptable behavior, especially for a financial institution. It trains their customers to just accept anything and everything, they should be setting the bar, not lowering it. -john
- Re: [Asrg] misconception in SPF John Levine
- [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Derek Diget
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Andrew Sullivan
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF darxus
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF darxus
- Re: [Asrg] misconception in SPF Daniel Feenberg
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] various anti-spam techniques, was misc… John Levine
- Re: [Asrg] various anti-spam techniques, was misc… Rich Kulawiec
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF Bill Cole
- Re: [Asrg] various anti-spam techniques, was misc… Christian Grunfeld
- Re: [Asrg] various anti-spam techniques, was misc… John Levine
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] misconception in SPF Bill Cole
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Andrew Sullivan
- Re: [Asrg] misconception in SPF SM
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Seth
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Franck Martin
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Paul Smith
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Dotzero
- Re: [Asrg] misconception in SPF Rich Kulawiec
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Chris Lewis
- [Asrg] whitelisting links (was Re: misconception … Dave Crocker
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] misconception in SPF Dave Crocker
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… darxus
- Re: [Asrg] misconception in SPF Eggert, Lars
- Re: [Asrg] misconception in SPF Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Chris Lewis
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] whitelisting links (was Re: misconcept… Steve Atkins
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Christian Grunfeld
- Re: [Asrg] whitelisting links (was Re: misconcept… Dave Crocker
- Re: [Asrg] whitelisting links (was Re: misconcept… Chris Lewis
- Re: [Asrg] misconception in SPF Alessandro Vesely
- Re: [Asrg] whitelisting links (was Re: misconcept… Paul Smith
- Re: [Asrg] whitelisting links (was Re: misconcept… Martijn Grooten
- Re: [Asrg] misconception in SPF Martijn Grooten
- Re: [Asrg] whitelisting links (was Re: misconcept… Rich Kulawiec
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] whitelisting links (was Re: misconcept… John Johnson
- Re: [Asrg] misconception in SPF John Johnson
- Re: [Asrg] whitelisting links (was Re: misconcept… Michael Thomas
- Re: [Asrg] whitelisting links (was Re: misconcept… John Levine
- Re: [Asrg] misconception in SPF Dotzero
- Re: [Asrg] misconception in SPF John Levine
- Re: [Asrg] misconception in SPF Laura Atkins
- Re: [Asrg] DMARC, was misconception in SPF John Levine