At 19:49 25-02-2009, MH Michael Hammer (5304) wrote:
I have no problem with RFC4406 and RFC4407 being moved to historic. I've
The change affects RFC 4405, RFC 4406, RFC 4407, and RFC 4408.
On the other hand, RFC4408 (SPF1) is fairly widely used by both senders
(published) and receivers (checked). I'm not prepared to throw a lot of
data points to the list at the moment but I am aware of receivers that
have used SPF1 checking as a strong indicator (high correlation) of ham
(pass) vs phishing (fail).
There is a note in RFC 4408 about the advice given in section 3.4 of
RFC 4406 to publish both v=spf1 and spf2.0 records to avoid the
conflict. A rough sample of domains using these specifications shows
that they only publish v=spf1 records. Depending on the content of
the record and on the context, that can lead to loss of mail. Using
SPF1 fail as a strong indicator of phishing means that the receiver
is using heuristics.
I'm fully aware that there are those who argue the forwarding issue
I am not bringing up the forwarding issue as it would be more
appropriate in a discussion about SPF internals.
I am not arguing that SPF is a magic bullet or that it stops SPAM. I am
asserting that it can be highly effective in certain contexts and it
would not be appropriate to move RFC4408 to historic.
RFC 4408 has been published as Experimental with a shelf life. What
do you propose to do about that? The status quo won't resolve the
conflict between Sender ID and SPF.
Regards,
-sm