spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Why not just use S/MIME or GPG signatures?

2003-10-08 21:10:44
from [Phil Karn] [Permanent Link] 
Meng Weng Wong wrote:


The goal of SPF is different: to do the work at the hubs, so end users
who aren't technically savvy enough to do cryptomail still enjoy the
benefits.  SPF puts the burden on ISPs to keep things more or less
backward-compatible.
That's my main worry -- despite your best intentions, it won't remain backward compatible for long. If SPF gets deployed at all, it won't be long before lots of important mail servers begin to refuse to accept any mail from a domain that doesn't list any SPF records. Think it can't happen? It would be only a little more aggressive than the MAPS DUL, a remarkably misguided concept that is already making life miserable for anyone with the temerity to use the Internet exactly as it was originally intended to be used by running their own outbound mail server on a cable modem or DSL line. Even if they run a tight box and have never spammed in their life.
It is *precisely* the "do the work at the hubs" approach that is so dangerous here. I don't want my ISP arbitrarily deciding who can and can't send me mail, and I don't think you do either. I insist on reserving that control, and it's one of the main reasons I run my own incoming mail server alongside my own outbound relay.
I have no problem with delegating the spam filtering job to my ISP as long as I remain in ultimate control, and can revoke my delegation at any time if the ISP doesn't follow my wishes. I don't see that as true for SPF. It's totally ISP-centric.
Those working on the spam problem would do well to re-read (or read for the first time) the classic paper "End-to-End Arguments in System Design" by Saltzer, Reed and Clark. It is as valid today as it has ever been, but the concept is under severe attack from many directions, including those who would sacrifice it in the war on spam. 

Phil

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Why not just use S/MIME or GPG signatures?, Phil Karn
Next by Date:  Re: Why not just use S/MIME or GPG signatures?, Phil Karn
Previous by Thread:  Re: Why not just use S/MIME or GPG signatures?, Meng Weng Wong
Next by Thread:  respecting per-user preferences, Meng Weng Wong
Indexes:  [Date] [Thread] [Top] [All Lists]