On September 10, 2004 at 17:21 esr(_at_)thyrsus(_dot_)com (Eric S. Raymond)
wrote:
Barry Shein <bzs(_at_)world(_dot_)std(_dot_)com>:
Spammers no longer use static domains, and they haven't for years.
That's right. They joe-job my domain instead, and I get over a
thousand bogus bounces a day. If SPF deployment does nothing but stop
that (which it can), it's a win. Meng has picked this piece of the
problem and is addressing it effectively.
So now SPF is mostly useful for people with vanity domains who run
SMTP for those vanity domains?
Which is getting down to a pretty microscopic portion of the
community.
My honest opinion is that SPF is a poorly-thought out idea which has
now developed into a massive fraud. I guess not out of evil intentions
but just the thrill of getting some attention and regretting that it's
all falling apart.
Unfortunately, SPF is not only a fraud, it's a dangerous fraud.
What it's doing is introducing widespread authentication (PAPERS
PLEASE!) without any obvious or widespread benefits to even remotely
match.
As a friend of mine said about airport security: It's a damned good
thing Reid didn't hide the explosives in his underwear! But, one guy
slips some semtex in his shoes and people have to get their shoes
searched, as if there's some magic to shoes.
No, SPF is not only mostly useless and ill-conceived, it has a
dangerous civil liberties aspect to it that goes beyond, e.g.,
anything I have to do to mail a paper letter or make a phone call.
So I, and everyone else, has every right to demand to know, and
examine carefully and critically, what the benefit is before we're all
asked to show our identification every time we want to send an email.
If the benefits were great, swell, life is full of trade-offs, I'm not
saying the concept crosses some pre-determined line.
But if the benefits are so thin and vaporous I say to hell with it and
let's go back to the drawing board and stop distracting ourselves (and
the media et al) with this sort of fool's gold.
Zombie nets are a different problem to be solved with different methods.
That will require taking down Microsoft and obsolescing Windows. I'm working
on that part.
Meanwhile, you're not an idiot, Please do us all a favor and stop imitating
one so effectively. Lead, follow, or get out of the way.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
--
-Barry Shein
Software Tool & Die | bzs(_at_)TheWorld(_dot_)com |
http://www.TheWorld.com
Purveyors to the Trade | Voice: 617-739-0202 | Login: 617-739-WRLD
The World | Public Access Internet | Since 1989 *oo*
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg