-----Original Message-----
From: asrg-bounces(_at_)ietf(_dot_)org
[mailto:asrg-bounces(_at_)ietf(_dot_)org] On Behalf Of Bill
Cole
Sent: Tuesday, April 12, 2005 3:26 PM
To: asrg(_at_)ietf(_dot_)org
Subject: RE: [Asrg] article: port 25 blocking
SPF '-all' publishing and enforcement has not proven feasible for domains
of any significant scale and/or user diversity. Without all domains
publishing '-all' record along with a large fraction of receiving systems
being willing to enforce those records, SPF use cannot reduce the utility of
port 25 blocking.
From the way you make it sound, it sounds like we will NEVER have any kind
of domain level authentication and the "from:" address will remain on the
honor system. Since it appears that there is no consensus for any one's
solution be it SPF enforcement or port 25 blocking, you might be right about
that so the future remains bleak.
Beyond that, any proposal that requires everyone to make changes on the
same schedule or else the first movers will break their systems badly, is
simply never going to happen at all on any schedule. SPF as the FUSSP
requires behavior that is self-harming unless everyone else does it at the
same time.
If we could get the top 50 domains to start "punishing" non-SPF compliant
with delays and a gradual migration to a hard fail in unison, would that not
prompt other domains to become SPF compliant?
George
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg