ietf-mxcomp
[Top] [All Lists]

RE: How is SPF different from RMX?

2004-08-03 17:30:17


Wrong and misleading as well. I have given you a large number 
of specific faults: (I'll summarize)

      1) Abuser can forge addresses at domain

This is a risk, not a specific threat. it appears that you are referring
to the fact that forwarded mail can only authenticate to the last sender,
not the original sender.

This is an understood issue for which other controls are relevant.

      2) Abuser can use stolen credential

This claim makes no sense whatsoever in the context of Sender-ID since
there is no private key coresponding to the DNS record, there is no
knowledge that can be stolen.

The vulnerabilities to DNS and BGP spoofing are understood and are
out of scope.

      3) DNS cache problems (more records per domain, same cache size)

Irrelevant.

      4) DNS load (more records per domain)

Irrelevant. 

      5) Ongoing Maintenance issues

Vague.

      6) Migration issues

Vague and irrelevant. 

      7) IP Renumbering issues

Utterly irrelevant.

      8) Lost non-spam emails

Not an issue, all Sender-ID does is to provide a means of whitelising
good email, it is not a mechanism for rejecting bad emails, that 

      9) Lack of universal compliance.*

Uninterested.


<Prev in Thread] Current Thread [Next in Thread>