Seth Breidbart wrote:
1. "universal adoption" is part of being a FUSSP.
True. But in the case of SPF it's good eough if most spammers
and worm authors "adopt" it - by simply not forging proteted
addresses.
2. The next generation would just be more careful about who
they claimed to be.
Yes, that's the idea. Like closing resp. blacklisting open
relays SPF is not the FUSSP, it's the next "necessary" step.
Defining "necessary" by the minimal modification you can get
away with (excl. radical approaches like "delete all bounces"
because that breaks SMTP).
At this point, strong SPF checking breaks too much stuff
(especially forwarding).
It's not "especially forwarding", it's only 251-forwarding to
third parties abusing the original MAIL FROM. That was always
illegal in STD 10, you had to add the route to the MAIL FROM.
RfC 2821 removed the routing from bounces, and that implicitly
obsoleted 251-forwarding. It's not SPF breaking stuff, quite
the contrary, SPF tries to fix something broken by 2821. Bye.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg