----- Original Message -----
From: "Scott Kitterman" <spf2(_at_)kitterman(_dot_)com>
Sent: Friday, December 17, 2004 4:46 PM
Subject: RE: [spf-discuss] Re: spf-statement-on-SenderID
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Frank
Sent: Friday, December 17, 2004 10:32 AM
Subject: [spf-discuss] Re: spf-statement-on-SenderID
| Where SenderID breaks the function of existing v=spf1
| records, domain owners will only learn of it when legitimate
| mail is not delivered.
Note the careful wording here: "mail is not delivered". As far
as the sender gets a bounce it's still a normal SMTP situation,
and if the sender deletes all bounces without ever reading them
it's his problem.
But Meng said again and again that PRA is a solution for MUAs,
and MUAs don't bounce, all they can do is delete mail directly
or indirectly. So for PRA on v=spf1 "mail is not delivered"
actually stands for "some legit mails lost".
I would add that on spf-help and the spf trouble ticket system I have seen
problems that appear to be caused by people rejecting messages using
records for PRA. Just because Meng thinks the target market for PRA is
MUA doesn't mean that everyone is using it this way.
PRA is not just a theory. I believe it's deployed and causing real mail
I would also add that the only advice we can give people is either to add
the dummy PRA record or delete their v=spf1 records. I've been suggesting
the dummy PRA record as the lesser of the evils available to the victims
SPF record reuse. This doens't make it a good idea, just the best one
I agree - and that's what I've done - even if it is not a perfect solution.