On Tue, 5 May 2009, Matus UHLAR - fantomas wrote:
Defining personalised SPF would cause much more work and troubles for
users. Yes, apparently not for you.
Everything is "more work". Question is, would it be WORTH it?
Many people responded this thread saying it's bad idea.
To date, not counting the 'take my word for it' crowd, I've had one
concrete suggestion on how to do it 'better', which I am implmenting.
You repeated a few times that you have no problem being wrong but
apparently you are not taking anyone's arguments but yours.
Give or take the fact that I am now implementing SMTP auth.... I am still
not hearing arguments, only opinions.
As I have already said, configuration you prefer (each user sends mail
through its ISP's mail server)
Yo! Who the asterisks said I *prefer* it? I'm just saying its a fact of
life we have to live with. I'm looking for the best solution that will
work for a large world, not just me and my one setup.
Yes, I repeat, your idea is sick, based on completely different approach
much (most?) of the world currently uses.
Sick. Now that's constructive. Is that a bandwidth measurement? LOL...
- setting up PSPF for user connecting through different provider takes you
away verification that the sender is really the user. Only you at your
mailserver can validate the e-mail address.
(grasp chest - feign heart-attack) Wow! An *argument*!
Yeah, I thought of this one. Any mechanism that I can think of to easily
automate setup would inherently introduce the possibility of forgery,
defeating the whole point of the system.... You know, if you weren't so
busy trying to hammer this down, you might see that I've had doubts about
this idea from the beginning. That's why I threw it out here.
- anyone connecting through such provider could fake the users' e-mail
address withot you being able to block the mail
This argument only extends by degree the current situation where someone
could hack *my* server and send mail 'protected' by my SPF. The majority
of spammers would still be blocked.
I was the first one in this thread who brought up port 587.
So why switch tactics now? If you are capable of rational argument, then
keep it up. It's more productive than just yelping 'bad, bad, bad'.
Well, the main problem is you don't have the PSPF and I doubt anyone
will want it.
Again, a nice opinion, but no real sense of *why*. Inertia is not a
reason.
I was at the idea all problems have been made clear to you....
Frankly, I've thought of more problems on my own than anyone has mentioned
here. But it really irks me to shelve SAV. There *must* be some
bandwidth-friendly way to achive *that* goal....
- Charles
