On Sunday 14 December 2003 01:30 pm, Mark wrote:
Even if I publish an spf record saying that spf(_at_)nedharvey(_dot_)com
sends
mail from smtp.rcn.com or smtp.aol.com or whatever, that's already
allowing 2 million people forge my address and be verified "authentic."
If we make it even broader, it's useless.
SPF does not authenticate email addresses, it authenticates relays; SPF does
not verify that "spf(_at_)nedharvey(_dot_)com is who he says he is," but that
"relay X,
according to the published SPF records at nedharvey.com, is authenticated to
relay mail for envelope FROM addresses with nedharvey.com as domain name."
In doing so, SPF will literally prevent millions of forgeries, when large
parties, such as hotmail.com, jump aboard.
- Mark
Exactly. It just shows, yet again, that he doesn't know what he is talking
about.
A couple of mails and I going to kill this thread.
Then it's "don't feed the troll'.
Regards...Martin
--
Old age is the harbor of all ills.
-- Bion
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡