Quoting Simon Hobson (si...@thehobsons.co.uk): > Rick Moen <r...@linuxmafia.com> wrote: > > > My response inevitably is that I really couldn't care less whether > > they like SPF or not. ... > > May I respectfully pick you up on that one.
Well, you can _try_. > Regardless of the arguments for and against which have been done to > death for long enough, SPF did predictably break email in many ways - > some of which I used to use, and some which my clients used to use. Sounds like a problem local to you. Possibly you wish to originate port 25 mail on IP addresses you are not prepared to declare in an SPF RR for reference by SMTP receivers. Like, maybe your users think it's still 1995 and that they ought to be free to originate outbound port 25 SMTP connections purporting to represent your domain from arbitary, not-preplanned IP addresses at will. I wouldn't know. What I know is that all legitimate linuxmafia.com mail originates from my MTA's static IPv4 address, and my declaring that in an SPF RR as the sole legitimate origin helps others definitively detect and reject forgeries. Therefore, I publish such an SPF RR, and am happy with the results. You say that for some reason you cannot gain the same benefit? OK, if you say so. But I don't think that such a local (alleged) inability has anything to do with me. > In a small way, by implementing SPF yourself, you've added to the > support for something that broke existing LEGITIMATE mail activities. I doubt your premise that SPF 'breaks' anything -- and find it highly suspicious that you don't support your assertion with anything even remotely resembling specifics. However, additionally, your apparent inability or disinclination to publish information in your DNS saying 'All SMTP mail _not_ originating from IP addresses following this spec should be considered forgeries' (_which is the sum and substance_) utterly fails to be a reason why I ought not to, given that I can and have done so. > So your approach has a hint of "I don't do that, so I don't care about > the people who do and now find it broken". Since nobody else's mail (other than my users') purports to originate from linuxmafia.com, I completely fail to see how my succesful deployment of a precise and accurate SPF RR adversely affects anyone else in the universe, let alone 'takes away their freedom'. You can try to show otherwise, if you want, but it's going to require some awfully compelling evidence, and I'm pretty certain you don't have any nor can acquire any. I'll be frank, too. Experience suggests that people making this argument are unwilling to come to terms with the modern reality that SMTP forgery is a huge problem and that circa-1995 policies of SMTP port 25 origination are a bad idea, and somehow think it's my job to contend better with reality. That actually just is not my job, and I have a lot better things to do with my time. > Hmm, didn't Devuan come into being partly due to someone pushing a > policy of not caring what he breaks for other people ? Sorry, that was > a bit below the belt but I hope it illustrates the issue. I wouldn't calling that hitting below the belt. I'd call it dribbling on your feet, since we're going for metaphorical imagery. _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
