On Mon, 6 Dec 2004, Alan DeKok wrote:
Dean Anderson <dean(_at_)av8(_dot_)com> wrote:
But to be pedantic, that's the whole *point* of MAIL FROM
checking: to know who is using your domain name in MAIL FROM, and to
control their use of that name.
Yes, I know that is "the point". However, this isn't possible.
In theory or in practice? If it's possible in theory, it's possible
in practice. The only question then is whether the cost is acceptable.
Its not possible in theory with SPF. In theory, SPF can't achieve the
goal it set out to achieve.
If it's not possible in theory, I'm curious to know why.
We're just going over the reasons, for purposes of summarizing them.
Hence the conclusion that "SPF is breaking the mail system for no
good reason".
So... am I to be permitted to control the use of my own domain name?
If not, why not?
Its not a matter of "permit". Its a matter of "is it possible to control
abuse of your domain", and more specifically, its a matter of "does SPF
enable control over your domain". SPF offers no control for about 13+
reasons.
Of course you are permitted to control your domain. You can sue anyone you
want to. But there is no technical way to make it impossible for someone
to forge your address using the tools proposed by SPF.
If so, then I'm free to implement SPF, or anything other scheme I like.
You are always free to shoot yourself in the foot. We can't stop you from
doing so; we can only explain that you are about to do so, before you do
so.
--
Av8 Internet Prepared to pay a premium for better service?
www.av8.net faster, more reliable, better service
617 344 9000