ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DEPLOY: microsoft SenderID wizard seriously flawed, unusable

2004-09-09 00:19:04
from [AccuSpam] [Permanent Link] 


Is this perhaps the first example of "embrace and extend"?, as I have warned:

http://www.imc.org/ietf-mxcomp/mail-archive/msg04536.html

As I have written twice already today in spf-discuss, IMHO we need structural 
validation feedback written into the spec to prevent other de facto standards 
from monopolies:

AccuSpam wrote:

Again I want to re-iterate my opinion that there needs to be some structural 
enforcement/incentive for validation in the spec, else spf syntax errors 
have no incentive to be fixed.  (unlike for a web page) If the e-mail still 
gets through, and since 
we know that most senders are not currently experiencing problems from 
forgery, and since recipients have no incentive to notify the sender of 
error, (then sender is not aware and thus) I see structural incentive is 
currently to encourage proliferation of 
errors (or de facto extensions).


For example, possibly the spec could ask errors to be reported to 
"postmaster(_at_)domain".


At 08:48 AM 9/9/2004 +0200, you wrote:


All,

Microsoft has sponsored a 'wizard' to create SPF records, it's online
here:

http://www.anti-spamtools.org/SenderIDEmailPolicyTool/Default.aspx

However, the wizard is seriously flawed. For example, it suggests you to
enter ip adresses to be used with the a mechanism, producing for example:

v=spf2.0/pra a:1.2.3.4 ~all

this obviously should be 

v=spf2.0/pra ip4:1.2.3.4 ~all

There are further flaws in the programming. Surely, microsoft
programmers are not _this_ stupid, so I cannot understand otherwise than
this is a deliberate stalling move to frustrate development of SenderID. 

This wizard should be taken off-line immediatelly! It should not come
back online until after all the bugs have been fixed. This wizard is bad
for deployment, making people publish bad records.

Koen Martens

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: DEPLOY: microsoft SenderID wizard seriously flawed, unusable, Mark
Next by Date:  Re: consensus call on pra/mailfrom deployment and versioning/scope, william(at)elan.net
Previous by Thread:  Re: DEPLOY: microsoft SenderID wizard seriously flawed, unusable, Mark
Next by Thread:  Re: DEPLOY: microsoft SenderID wizard seriously flawed, unusable, Yakov Shafranovich
Indexes:  [Date] [Thread] [Top] [All Lists]