Without going point by point (because that gets tiresome, fast):
I agree with you that a valid motivation for SPF/DK kinds of solutions
is to "protect" (for some value of protect) domain owners.
I have little doubt that a billion msgs per day (more) get forged with
the domain of ISPs whose names you hear on prime time TV commercials
and many of those cause consequences for those ISPs.
[just a minute have to block a few hundred stock pumping IP addrs]
Even as a smaller ISP we've suffered such consequences, irate victims,
inappropriate blocking, even subpoenas, etc., when itn the end none of
it ever passed thru here.
None of that, to me, is strictly spam, even if it might be A Good
Thing to eradicate.
Something that has concerned me is...
[damn, there they go again, be right back...]
where was I? Oh, right, is exactly this problem of judging what is a
spam problem and what isn't?
For example, should we require a valid DUN identifier to do business
via email? That's essentially what an SSL certificate is, one has to
present a valid DUN to get a cert. Maybe anyone offering prescription
drugs should be required to include a valid pharmaceutical license.
I'm not going into a libertarian space here, just that fraud etc is a
very, very, very big problem.
And it does drag us further and further into trying to validate the
content of a message, perhaps even its worthiness tho I don't think
that's a problem with SPF/DK per se.
[Again! ok, that was only 25 /24's blocked, progress?]
I'll leave that on one observation which is to note that neither the
(paper) postal system or phone system has developed a reliable,
general way to authenticate "senders" in over 200 and 100 years
respectively. In the case of the postal system they offer it as an
option (which I suppose is what ANI for the phone system is also) but
I wouldn't view that observation too flippantly.
And one point by point:
Again, I don't know for a fact that this is completely useless
technology (like proof-of-work which is useless technology), but I
^^^^^^^^^^^^^ ^^^^^^^^^^^^^^^^^^^^^
I still haven't seen proof of that, from you or others...
We have to prove that something WON'T work now?
[oh there goes the cheap software jerk...]
How easily we go through the looking glass...
But I believe some compelling criticisms have been raised.
--
-Barry Shein
Software Tool & Die | bzs(_at_)TheWorld(_dot_)com |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989 *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg