On 6/11/2004 11:29 AM, Markus Stumpf sent forth electrons to convey:
Oups, hit send to early :/
On Wed, Jun 09, 2004 at 04:49:26PM -0700, Matthew Elvey wrote:
Some of the syntax and semantics of SPF records provide useful
additional functionality without weakening the effectiveness with which
an MTA is authorized by a domain.
Let's make a real life deployment test:
How much people that use the Internet "for fun" (some web browsing, a
bit of email and maybe chats) do you know?
~100
How many of them have their own domain?
~20
How many of them will be able to specify (even with software aid)
correct SPF records that will not make it totally impossible for them
to send eMails?
~10 (I live in San Francsico, else likely ~5)
A big german hoster has registered - according to their
website - more than 2 millions of domains for their users. A large
portion of them are domains used like business cards or are the hobby
of people like joe-user.de.
Do yopu expect them or anyone else for them to be able to specify
correct SPF records?
No.
Also you forgot that in an SPF world, they'll have to configure their
mail clients. What about the ones that use many different From:'s
http://wiki.fastmail.fm/wiki/index.php/FromLine, e.g. with Mozilla's new
Multiple Identity Support:
http://www.mozilla.org/projects/thunderbird/identities.html? But I'm
not advocating SPF in its entirety, just "some of the syntax and
semantics"!
Some folx which are my friends have such domains.
They send out their emails through the mailserver of Internet on demand
ISPs and DSL providers and and and. They change (with the aid of
programs) their IPs, ISP and mailserver like other change their
underware. Managing correct SPF records for them is hell.
No, you misunderstand my proposal. (Thanks for setup though!) We still
use EHLO to select the domain to authenticate; we ditch the PRL and
SRS. So our friends DON'T HAVE TO DO ANYTHING! The big german hoster
just has to make sure that the EHLO its server sends out is a domain
that has an SPF record that validates its IP (and
reputation/accredidation). SRS doesn't need to be deployed!
In my proposal, most domains DON'T NEED new DNS records AT ALL.
(And none of this RFrom stuff is necessary either.) Near lightning-fast
deployment is feasible. And we're still providing and using M.A.R.I.D.
effectively.
How cool is that?
don't pass the rDNS test. And yet it ties that MTA to a domain that has
a valuable reputation. That being the goal of MARID.
Do you know what hell it will be for a large ISP offering mail relay for
their customers to change the IP of an outgoing SMTP server?
That's why I wrote "reality check". It is one side to design a kewl
and nitfy system and it is a completely other thing to make it work
in the real world. How many systems fail in the real world you can read
each day in the newspapers about.
I agree.
\Maex
On 6/11/2004 11:15 AM, Markus Stumpf sent forth electrons to convey:
On Wed, Jun 09, 2004 at 04:49:26PM -0700, Matthew Elvey wrote:
Sorry, where can I get a domain for $0.10 US? (And I don't mean
foo.cjb.net or foo.cjb.co.uk)
What is the difference with regards to MARID and MARID records
between a domain example.com and foo.cjb.net or foo.cjb.co.uk?
Big difference. Generally a cjb.net (a second level domain) will have a
reputation (or get RHSBL'd), and cjb.co.uk (a third level domain) will
too.
the domains I listed generally won't have reputations separate from
their parent domains.
"Full featured" SLDs are as cheap as 5 USD (google for "cheap domains").
(I know. I said so tonight.)
You said I could get domains for $0.10. I asked Where? No answer.
I guess you're taking back your claim! Good!
If these are coming or here, as you and Gordon seem to be saying they
are, then MARID won't work as well as I had thought it would.
You think an icann-authorized TLD will start selling domains at this
price? Please explain in more detail.
Domains ARE cheap, most bundle it with disk space and webservers.
Yes, but not so cheap that they make RHSBLs unscalable. As was
discussed (with stats) a while ago on the list.
1GB of RAM costs a lot less than 50GB of RAM. (the $5 to $.10 ratio)