spf-discuss
[Top] [All Lists]

RE: Why not just use S/MIME or GPG signatures?

2003-10-12 08:29:03
I disagree that it's compatible with spf.  Most isp's and
corporate networks filter outbound traffic on tcp/25.

Corporates can, well, do what they like. Don't let's encourage ISPs to do
likewise, though -- we should certainly work on the assumption that the
original poster is correct.

Whether or not we encourage them to, nearly all isp's already filter
outbound traffic on port 25 to prevent spammers from abusing their
connection.  For example, I am in Boston, and there are two cable modem
providers:  RCN and Comcast.  Both of these filter outbound port 25, and I
personally (and all of cablemodem boston) cannot use spf unless I use my
return address @rcn.com, which I refuse to do, and I suspect there are a lot
of people around boston that feel the same.

This is not a dubious filtering practice.  But it restricts peoples' freedom
to use their own mta.  It forces people to use the mta that belongs to the
isp.  Which is fine for now, using slutty smtp, because I'm able to forge my
own return address @nedharvey.com.

The solution must meet these requirements:
1- People are still permitted to use their local, slutty, isp-provided smtp
servers.
OR
2- The protocol doesn't run on port 25 exclusively.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡