Spammers Skirt IP Authentication Attempts
Sean Donelan
sean at donelan.com
Mon Sep 6 19:57:09 UTC 2004
Although SenderID (or whatever the final name is) is not completed yet,
SPF has been around for a while and some people have been using it. But
who? Do domains with SPF records have fewer phishing attacks? Fewer
virus bounce-backs? Fewer spam forgiers?
According to the Anti-Phishing Working Group, these are the most phished
companies. How many are using SPF? I checked the most obvious domain name
for the companies (.COM and their country variant e.g. .CO.UK)
Company Name Has SPF TXT record
Citibank NO
eBay NO
US Bank NO
Paypal NO
Fleet NO
LLoyds NO
Barclays NO
AOL YES
Halifax NO
Westpac NO
FirstUSA NO
VISA NO
Earthlink YES
e-gold NO
Bank One NO
Bendigo NO
HSBC NO
MBNA NO
Suntrust NO
Verizon NO
More information about the NANOG
mailing list