On 12/3/2004 7:15 AM, gep2(_at_)terabites(_dot_)com sent forth electrons to
convey:
On Fri, 3 Dec 2004, aseem_jakhar(_at_)persistent(_dot_)co(_dot_)in wrote:
SMTP AUTH is a simple and effective way.
ABSOLUTELY NOT!!!! You are TOTALLY IGNORING the issue of sending mail from
public access Internet kiosks. A good example is from cruise ship Internet
"cafes" where you have **no** choice regarding the SMTP server you MUST use;
you are NOT (generally) using your own portable computer; you can NOT change
(for obvious reasons) the mail server to be used in transmission; and you
PROBABLY want to sign your mail using your *own* normal E-mail return address
(which could well be a personally-owned domain name, but also might be your
"normal" ISP-provided E-mail address).
But this is a good example of how the SPF-type (and other DNS-based) folks try
(in vain) to eliminate serious objections and problems with their proposals by
waving a magic wand with obfuscatory nonsense which in fact changes NOTHING.
As one of those folks advocating a DNS-based solution, I'd like to point
out that CSV has no trouble allowing the cruise ship scenario to work well.
Please watch the broadness of the strokes you paint.
We can spend YEARS debating (and then implementing) SPF or some other similar
DNS-based certification scheme, and when we get done we will have accomplished
VIRTUALLY NOTHING in the war against spam, and if anything it will be MORE
disruptive because by then, instead of bounces and such mostly getting T-canned
as undeliverable, they'll effectively become a DDOS attack on the infected
victim. :-((
Ditto, WRT CSV doing virtually nothing, or being DDoS-like. Sloppy.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg