On Fri, 2005-07-08 at 07:19 -0500, wayne wrote:
I think, if you dig around in the archive, you will quickly find
people who have said that forwarding w/o rewriting is wrong and
forgery. I have seen many people saying something along the lines of
"the problem with stopping forgery is that you have to stop *all*
forgery".
Indeed so. I bet if I dig around in Google, I can find people saying
that the earth is flat. Yet I cannot find a reasoned argument for it
which _doesn't_ boil down to the fact that SPF doesn't work with
forwarding.
I'm not disputing that fact. If your judgement is that SPF is so much
better than all the other schemes which offer to reduce forgery that
it's worth trying to change the entire world's forwarding practice, then
go for it. Try to get your successor to RFC2821 blessed by the end of
the year, perhaps?
But let's not pretend that there was anything fundamentally wrong with
forwarding in the _first_ place.
The fact that domain owners, before things like SPF were created,
didn't have a voice about how they think their domain name should be
used, doesn't mean that they all liked that forwarders could send
email claiming to be from them and didn't consider it to be forgery.
Do you have any examples of this being stated outside the context of
SPF? You're suggesting that people were unhappy about the fact that a
forwarding site could forward a _genuine_ mail?
Let's not be confused into thinking about the fact that with _some_
forgery-detection techniques, notably SPF, the forwarded genuine mail is
indistinguishable from a faked mail. That was the 'technical
incompatibility' which we've already agreed about.
Are you _really_ suggesting that people consider it 'forgery' when a
_genuine_ mail is forwarded to its final destination? Do these same
people also object to backup MX, on the same grounds?
Do they also object to the use of their _name_ in From: headers from
mailing lists, etc.? After all, I didn't author the mail you're
receiving -- I would never refer to that pobox.com web site in an email
I compose, and neither did I tell you how to deactivate your
subscription; someone else edited my mail and sent it to you and all the
subscribers. Why do they keep my name on it?
Do they also object to the use of their IP address when their packets
are forwarded by routers in the Internet?
If your claim is that normal forwarding is inherently 'wrong' for
reasons _other_ than SPF's incompatibility with it, but those other
things are not also 'wrong', then what is the difference?
--
dwmw2