nonobvious at gmail.com
Mon Dec 7 00:25:54 CST 2009
On Sun, Dec 6, 2009 at 2:56 PM, Sean Donelan <sean at donelan.com> wrote:
> In particular, what anti-forgery/security controls should network operators
> implement and check; and what anti-forgery/security controls should network
> operators not implement or check?
Depends a bit on whether you're counting inbound-mail-service
operators as network operators.
As an end user who doesn't have an account at Bank of America, I'd be
happy if bankofamerica.com used SPF records so my mail system could
discard forged spam from them; that's much different than the kind of
forgery prevention I want for my actual bank. (And obviously SPF
isn't going to stop mail from bank0vamer1ca.cm etc., but it can cut
down some of the noise and leave the rest for Spamassassin.)
Note that this isn't my regular email account - It's still experimental so far.
And Google probably logs and indexes everything you send it.
More information about the NANOG