spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Why not just use S/MIME or GPG signatures?

2003-10-08 20:53:46
from [Phil Karn] [Permanent Link] 
Peter Viertel wrote:


Because SPF has the potential to stop the spam from being sent on our network
in the first place - all the other schemes you mention entail receiving the 
message
before making a decision - from a sysadmin's point of view the damage has 
already been done, the bandwidth has been consumed, the cpu cycles spent.
This is a second order effect. To a first order, the spam problem is purely one of human annoyance. If by spending even a fairly large number of CPU cycles I can reduce that annoyance even a little, then it's almost certainly worth it..
Sysadmins sometimes have to be reminded that computers exist to serve humans, not the other way around. And while the cost of compute cycles is asymptotically approaching zero, I don't think I read any faster than I did in my teens.
And I can continue to send my email direct to its recipients from any IP address I happen to be visiting. 


With SMTP Auth set up on your 'home' gateway you should be able to send from 
anywhere on the Internet via the home gateway, and your emails will look more 
authentic having come from the right IP.
I find it most curious that everyone is willing to take such extreme measures to avoid wasting the tiniest amount of server capacity and network bandwith on spam, yet they see no problem in requiring legitimate users to waste much of that same server capacity and network bandwidth by forcing their traffic through what can be extremely suboptimal multihop routes.
If while visiting Australia I send mail to an Australian recipient, why should I have to route it back through my home SMTP server in the US just to prove that I really sent it? If you want me to prove my mail is genuine, my laptop (whose CPU is usually idle) is perfectly capable of signing it, resolving the MX records and delivering it directly to its destination using whatever IP address it has at the moment. Not only does that provide far stronger sender verification than what you propose, but it also conserves network bandwidth and server cycles, reduces latency and increases reliability. What more could you want? 

Phil

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: new RR type, Arlie Davis
Next by Date:  Re: Why not just use S/MIME or GPG signatures?, Phil Karn
Previous by Thread:  RE: Why not just use S/MIME or GPG signatures?, Peter Viertel
Next by Thread:  RE: Why not just use S/MIME or GPG signatures?, Dustin Trammell
Indexes:  [Date] [Thread] [Top] [All Lists]