On Mon, 14 Jan 2008, Stuart D. Gathman wrote:
AOL is a poster child for why the canard about how SPF "breaks forwarding"
is complete FUD. *Any* system that blocks the sources of spam
The real problem is that there are at least three separate "Forwarding
Forwarding Problem S - To technologies like SPF, traditionally forwarded
messages appear to be forgeries.
Forwarding Problem K - Forwarding source IPs will accumulate "bad karma"
when they innocently pass on spam to a MUA with a "this is spam" button
and a luser operating it.
Forwarding Problem B - Forwarders are left holding a hot potato if they
accept SPF-neutral mail and the ultimate recipient MX 5xx's it.
Problems K and B really hurt the forwarder, and can only be resolved by
recipient whitelisting, period.
Problem S can be resolved by the forwarder alone, but it's in the
forwarder's interest to play dumb, since if the recipient solves Problem S
at his own end, he also solves Problem K, and if the recipient admin is
honourable, problem B as well.
(Once an honourable mail admin *knows* that a given message is a trusted
forward, he must turn off spam defenses so that he doesn't force Problem B
on an innocent other admin. But in the 2007 discussion here, it was
claimed that most admins will dishonourably comply with customer orders to
spamfilter the forwarded mailstream....
Fortunately, the recipient admin has no selfish reason not to fix Problem
K, once he has the information and technology needed to fix Problem S.)
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
Sender Policy Framework: http://www.openspf.org
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
Powered by Listbox: http://www.listbox.com