I have been observing that the recent discussion on CSV in comparison
to the SPF/Sender-ID solutions have been between a small, consistent
subset of the participants of this mailing list. I can only conclude
that others either do not care about these issues or do not understand
these issues. After reading every single message over the past couple
of threads, I must admit that I do not comprehend many of the points.
Therefore, I'd like to get feedback from others:
Do you appreciate the difference between a HELO check vs. a
MAILFROM/PRA/SUBMITTER check?
Do you understand the semantic differences between a CSV check on
HELO and an SPF/Sender-ID check on HELO?
Is it clear to you that CSV has definite security advantages over
SPF/Sender-ID?
I'm only asking these questions so that we can hopefully refine the
conversation on this topic.
-andy