Email using domainkeys and spf

Frank Sorenson frank at
Sat Oct 1 23:05:12 MDT 2005

Hash: SHA1

Andy Bradford wrote:
> Thus said Steve Meyers on Sat, 01 Oct 2005 12:02:00 MDT:
>>They're not meant  to block spam. They're meant  to authenticate where
>>the email came from.
> The most  common unauthorized use of  someone's domain is spam.  Are you
> saying that  the designers  of these  SMTP hacks  had something  else in
> mind? Maybe  they were trying  to keep Microsoft from  influencing IBM's
> employees by  sending fake  emails that  appear to  come from  IBM? This
> would  be fraud  and  a criminal  offence; SPF  and  DomainKeys are  not
> necessary  to persuade  them from  doing that.  So what  other kinds  of
> people would  benefit from using a  real domain that belongs  to someone
> else?
> Andy

In authenticating where the email came from, it implicitly allows the
host to accept valid email or reject email that _is_ spam.  Haven't you
ever gotten an email "from" yourself?  Or received a nasty email or
bounce message about an email you know that _you_ didn't send?

If the other end had rejected based on the fact that the SPF records
showed IP Address w.x.y.z was the only IP authorized to send email for, and the email came from a different IP, then the email
would never have gone anywhere.

I think spam is probably the biggest reason for SPF, etc., but I suppose
it can also serve as a very rudimentary validation of the email's
source.  Not very effective, but it might work in the most basic cases.

- --
Frank Sorenson - KD7TZK
Systems Manager, Computer Science Department
Brigham Young University
frank at
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora -


More information about the PLUG mailing list