"terry" == <terry(_at_)ashtonwoodshomes(_dot_)com> writes:
terry> SO?! I only care about if certain portions of the internet
terry> adopt, specifically those who know my users/have my users
terry> addresses in their addressbook. (Read "stop those virus
terry> bounces from infected people who know my people")
Well, if every virus (or spammer) who has the e-mail address of one of
your users is sending mail out through an ISP that implements SPF
checks on their outbound mail relays, then yes, that would make a
significant dent in amount of backscatter that your users receive.
I'm ignoring spammers who send mail out through open relays; they're
unlikely to implement SPF checks, but you can hope to block many of
them through DNSBLs...
terry> I have been trying to keep up with the group, but perhaps I
terry> fell behind: Please help me out: What is "MTA
terry> Authorization" aka "Sender ID" good for then?
It's a tool; it's not a panacea.
Authentication doesn't stop spam, but it enables technologies that
have promise in attacking the spam problem (accreditation and
reputation systems).
It may not be a panacea against phishing, but it is a useful tool in the war.
It's also a useful tool to stop people sending mail pretending to be
me. Many corporates care about the fact that people are receiving
spam and viruses claiming to be from them, and many non-technical
users actually believe that the company sent them the spam or virus.
These are early days for sender authentication schemes. Maybe they'll
be useful, maybe they won't. Personally, I think they will be, though
they won't be the anti-spam panacea that some people seem to believe.
As I see it, the purpose of this WG is to give us a MARID standard to
deploy and test. Until we have that, know one will know for sure how
well MARID will (or won't) fare in the real world.
-roy