ietf-mxcomp
[Top] [All Lists]

RE: How is SPF different from RMX?

2004-08-01 20:07:20


In this respect, RMX was probably better. But it was still rejected 
because 

   It didn't solve the problem and was therefore gratuitous.

The DNSEXT group can be regarded as an authority on requirements after
they have successfully deployed DNSSEC and it is in use by 5% of the 
internet.

As far as the IETF is concerned all working groups are peers. The
fact that a group has been arround trying to finish its work for 12
years does not seem to me to be a recomendation of its expertise,
quite the opposite in fact.


Setting anything is "a matter of minutes for one domain".  
Try doing it 
for hundreds or thousands of domains. 

Try a perl script. If you manage hundreds of domains you are familiar 
with this type of issue.


, so every domain that has an admin maintaining it should be able to
afford it -- and those who do that externally actually pay for a
service, don't they ?

Service that doesn't include 20% increase in frivolous domain record 
maintanence: And it is ongoing maintenance. Change the IP of your 
mailservers, and lots most stuff has to change. It gets 
correspondingly 
more difficult to renumber.

It is pretty easy to set a system up so that your changes propagate
in the right way.

22,000 out of perhaps 22 million domains?  That's less than 
one tenth of
one percent. I'm sure more than that use "hair growth cream". 
 It doesn't
matter how many use it if it doesn't work. 

Its rather more domains than are using DNSSEC. 

"It works for me at the moment" is not a sufficiently 
convincing technical
analysis to spend a great deal of money and inconvenience a 
lot of people.  

??? The argument here seems to be of the form "I don't know 
what the problem is going to turn out to be with this protocol
but I am sure that there is one and my time is too valuable to
bother looking for it".

Gee
thanks. Now there is nothing to make those events less bad.  
Keep shooting
us in the foot, folks. Maybe you'll hit something vital. Or 
maybe, you'll 
just kill something like outsourcing email, and no one will notice. 

Perhaps if you read the actual documents you might be able to
state how one of these calamaties might occur.

Its a bit difficult to disprove a claim that is not even stated.

 
Before something will be accepted, it needs to work for a 
long time. That
means that it has to do more than just break the current and 
past abuse
engines for a few days. It has to break them permanently. Wait,
information theory says something about that. It says you can't ever
achieve that.

Nonsense. We are in the process of applying a priority list of things
to fix in the mail system. SPF is not the only fix that is necessary,
it just happens to be first on the list.

In an ideal world the IAB or IESG would be providing a priority list 
of things to fix. Since they have not others have decided priorities
instead. If you feel that other priorities should be attended to 
then submit a proposal.

So, it seems that you have to track down virus operators and 
put them in jail. 

Have you got a problem with that objective?

It seems to be working to the extent of filling up the jails.
There has been an indictment in the Sasser/Netsky cases, successful
prosecutions in many others.

Sender-ID provides some very useful features for both stopping
the propagation of viruses and for catching the criminals. 




<Prev in Thread] Current Thread [Next in Thread>