On 2007-06-06 09:00:45 -0500, Les Mikesell wrote:
> m. allan noah wrote:
> >On 6/6/07, Les Mikesell <[EMAIL PROTECTED]> wrote:
> >>SPF is one of those things that can't possibly work:
> >>http://homepages.tesco.net./~J.deBoynePollard/FGA/smtp-spf-is-harmful.html
> >
> >there are some very good points in there. too bad they are hard to see
> >past all the vitriol and absolutism. it would be nice if it was
> >condensed down to fewer, demonstrable points.
>
> The obvious one is what this thread is about. People making money
> sending spam will go to the effort to follow these rules even if it
> means rolling out new domains faster than they can be blacklisted. That
> was predictable from day one,
It was not only predictable, it was kind of the point: Spammers,
phishers etc. should be prevented from abusing other people's domains
and be forced to use their own - ever changing - domains.
(whether it's a good idea to base reputation systems on domain names is
debatable, of course)
> and the rest of the scheme is just inconvenience for everyone else and
> it prevents mail from working as designed with user-controlled
> forwarding.
Yes and no. If you forward from mailbox A to mailbox B you know about
it, and you could whitelist the MTA of A on the MTA of B. You don't even
need something like SRS for that. Unfortunately, the few providers I
know which do actually reject on SPF failure don't let the user
configure that - so it's not actually SPF which breaks forwarding, it's
stupid implementations.
hp
--
_ | Peter J. Holzer | I know I'd be respectful of a pirate
|_|_) | Sysadmin WSR | with an emu on his shoulder.
| | | [EMAIL PROTECTED] |
__/ | http://www.hjp.at/ | -- Sam in "Freefall"
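
The per-recipient forwarder whitelist discussed in the message above, as an added example that is not part of the original post: the receiving MTA (B) consults the recipient's own list of forwarding hosts before it acts on an SPF fail. The record store, the whitelist table, all addresses and domains, and the names spf_check and decide are constructed for illustration, and the SPF evaluation is deliberately reduced to ip4/ip6 and "all".

```python
import ipaddress

# Constructed sample data (documentation address ranges, example domains).
SPF_RECORDS = {"sender.example": "v=spf1 ip4:192.0.2.0/24 -all"}
# Hypothetical per-recipient table: forwarding hosts each user has declared.
TRUSTED_FORWARDERS = {"user@b.example": ["198.51.100.25"]}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_check(client_ip, domain):
    """Simplified SPF: only ip4/ip6 and 'all' are evaluated, other
    mechanisms (a, mx, include, ...) are skipped in this sketch."""
    record = SPF_RECORDS.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qual = "+"
        if term[0] in QUALIFIERS:
            qual, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qual]
        if term.startswith(("ip4:", "ip6:")):
            # Membership is False when the address families differ.
            if ip in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qual]
    return "neutral"

def decide(client_ip, mail_from, rcpt_to):
    """Return (action, reason) for one recipient on the receiving MTA."""
    ip = ipaddress.ip_address(client_ip)
    # The recipient's own forwarders are checked first, so mail relayed
    # from mailbox A is never rejected for the original sender's SPF policy.
    for host in TRUSTED_FORWARDERS.get(rcpt_to, []):
        if ip in ipaddress.ip_network(host, strict=False):
            return ("accept", "trusted forwarder for this recipient")
    domain = mail_from.rsplit("@", 1)[-1].lower()
    result = spf_check(client_ip, domain)
    if result == "fail":
        return ("reject", "SPF fail")
    return ("accept", "SPF " + result)

if __name__ == "__main__":
    for ip, rcpt in [("192.0.2.10", "user@b.example"),
                     ("198.51.100.25", "user@b.example"),
                     ("198.51.100.25", "other@b.example")]:
        print(ip, rcpt, decide(ip, "alice@sender.example", rcpt))
```

The whitelist is keyed by recipient, so the same forwarding host is still subject to SPF rejection for users who have not listed it.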
