ietf-mxcomp
[Top] [All Lists]

RE: How is SPF different from RMX?

2004-08-02 10:01:33

I'm sure register.com and Verisign and other lowcost hosting 
places are
thinking the same thing.  So, who pays the perl programmer?  
Do they work for free at Verisign?

That business was sold. But if we were in that business then a perl
script is simply the cost of doing business. Not a big deal.


Some say otherwise. Some say it takes six months now to renumber IP
addresses, and we are going to add even more work to that task.

Argument by reference to anonymous source is not very credible.
Give a specific example.


We can't accept "I don't know what the problem is going to 
turn out to be
with this protocol so lets just put it into large scale universal
deployment in 8 months and see what happens. 

Why not?


I am sure that whatever
problems found will have to be solved by others and my time is too
valuable to bother looking for it now".

Well if you think there might be a problem one assumes that you
will have bothered to read the drafts and tell us about it.

Otherwise it sounds as if you are arguing to do nothing in case
we might break the net.

If the IETF does nothing then Sender-ID will happen anyway and
all you will have achieved is breaking the IETF. The end-users 
and the sysops are utterly fed up with waiting while nothing is
done.


Doesn't seem like outsourcing is going to work at all.  I 
already gave as
an example scenario of real Av8 Internet customers who send 
email from: ...

This is not what I understand by the term 'outsourcing'

If the users are using an earthink address they better use a
method of authenticating their mail that is approved by
earthlink. It probably means that they relay their outgoing
email through earthlink.

If they want to do different then they should get their own 
domain name. They can still receive on the earthlink address.


In an ideal world the IAB or IESG would be providing a 
priority list 
of things to fix. Since they have not others have decided priorities
instead. If you feel that other priorities should be attended to 
then submit a proposal.

Then get back to me when you have a system of changes that 
will solve the problem. 

Since when did your opinion matter?


I don't want to do a bunch of stuff that won't solve the problem. 
Been down that road far too many times in the last 8-10 years.

You make it sound as if the IESG had been issuing directives to solve
spam on a daily basis during that time.

Fact is that you have not been asked to do one thing to solve this
problem by the IETF *EVER*. 

Instead you have had self-appointed vigilantes taking over that
role.

Yes. It is not a problem finding the people who do things when the
incentive to find them exists.  It is not a matter of "can't 
find them",
it is a matter frequently of "No significant cost damage so Feds won't
bother to even look for them".

I am in regular contact with the Secret Service, Mail Inspectorate
and the FBI. Catching the authors of MyDoom and the various gangs who
launched it is a major priority. MyDoom has been used to steal rather
a large amount of money.