Meng Weng Wong wrote:
The goal of SPF is different: to do the work at the hubs, so end users
who aren't technically savvy enough to do cryptomail still enjoy the
benefits. SPF puts the burden on ISPs to keep things more or less
backward-compatible.
That's my main worry -- despite your best intentions, it won't remain
backward compatible for long. If SPF gets deployed at all, it won't be
long before lots of important mail servers begin to refuse to accept any
mail from a domain that doesn't list any SPF records. Think it can't
happen? It would be only a little more aggressive than the MAPS DUL, a
remarkably misguided concept that is already making life miserable for
anyone with the temerity to use the Internet exactly as it was
originally intended to be used by running their own outbound mail server
on a cable modem or DSL line. Even if they run a tight box and have
never spammed in their life.
It is *precisely* the "do the work at the hubs" approach that is so
dangerous here. I don't want my ISP arbitrarily deciding who can and
can't send me mail, and I don't think you do either. I insist on
reserving that control, and it's one of the main reasons I run my own
incoming mail server alongside my own outbound relay.
I have no problem with delegating the spam filtering job to my ISP as
long as I remain in ultimate control, and can revoke my delegation at
any time if the ISP doesn't follow my wishes. I don't see that as true
for SPF. It's totally ISP-centric.
Those working on the spam problem would do well to re-read (or read for
the first time) the classic paper "End-to-End Arguments in System
Design" by Saltzer, Reed and Clark. It is as valid today as it has ever
been, but the concept is under severe attack from many directions,
including those who would sacrifice it in the war on spam.
Phil
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
smime.p7s
Description: S/MIME Cryptographic Signature