On Sun, Dec 14, 2003 at 11:44:17AM -0500, Edward Ned Harvey wrote:
|
| If I add +include:aol.com or +include:rcn.com to my spf records, thus
| allowing *anybody* to spoof my address who uses rcn or aol, there are
| millions of people capable of forging my address.
|
| This is not a solution, or even an improvement.
presently, billions of people can forge it. reducing the magnitude to
millions sounds like an improvement to me.
also, if the forgery is by another AOL customer, an audit trail exists;
presumably AOL's logs know who did the deed, and you can sue AOL to get
their name, then sue them directly.
so even forgery becomes accountable. right now some ISP in china might
forge your name, and suing someone in china is a lot harder than suing AOL.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.3.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡