-----Original Message-----
From: Vivien M. [mailto:vivienm(_at_)dyndns(_dot_)org]
[snip]
Yes it will require changes in the way some people use
E-mail. However, the technology to handle it is all in
place; it just requires IT staff to configure it. It's
really not that big a deal. I personally think IT staff will
welcome having some control over where staff (and others)
make use of company E-mail addresses.
Oh, I agree with your last statement entirely. I'm just unsure if this is a
Good Thing for the end user, that's all... And what about in the case where
Let me be blunt here: The end user is not the target of SPF. The owner of the
domain is. And SPF gives the DOMAIN OWNER better CONTROL of what's
being done with HIS DOMAIN, that he has spent MONEY buying, advertising,
trademarking, etc. etc.
If the DOMAIN OWNER wants to put TRUST in he hands of the end user
and let the end user send mail with his domain, let him use SPF and related
mechanisms in such a way that makes it possible for everyone (for example
"v=spf1 +all") or for some people (authenticated SMTP, web-mail) to use the
domain name.
If the end user feels so strongly about using his own domain, let him buy his
own domain and then he has complete control over who can and can't use that
domain in outgoing email.
you're dealing with a commercial ISP? Charge $X/month for "off-net SMTP AUTH
access", set up your SPF records, and boom, you've now created a fantastic
way to transfer money from your customers' pockets into yours because
someone with their mail hosted at that ISP has absolutely zero choice (other
than going through the trouble of finding another suitable hosting provider,
and a search for a new ISP is costly too) other than to pay up their SPF
ransom. For a web hosting shop, this is even better: put in SPF records for
your customers restricting mail sending so it's only allowed from your
extra-cost SMTP relaying, and everyone who doesn't buy the extra cost SMTP
relaying service or find a provider stupid enough not to play this game will
suddenly have inbound-only email, which is hardly appropriate for a small or
larger business.
I think you're confusing DNS hosting with other forms of hosting. You can host
your web site with ISP A, while the DNS is hosted with another ISP, let's assume
ISP B (which can be for instance a free DNS provider like xname.org or
granitecanyon.net). You can then use ISP B's tools to modify your SPF record
as much as you like, to whatever you want, and you can set up your own
SMTP server (even on a dynamic address, using some dynamic DNS provider)
and do as you please, ISP A or no ISP A. Your web hosting provider, ISP A, have
no way of forcing your hand.
I had to defend the "block mail from end-user IP addresses" policies that
are common these days to a friend a few days ago - people already see those
things as a way for ISPs to screw them over, not as a way to fight spam. If
These policies exist because of header forging. Once header forging is gone,
ISPs will not be able to use that excuse to prevent you from sending mail.
Arik Baratz
System Engineer
Vidius Israel LTD.
+972 (9) 743-9250 x114
+972 (9) 743-9251
arikb(_at_)vidius(_dot_)co(_dot_)il
www.vidius.com
PortAuthorityT Server
Keeping Information Inside
This email may contain confidential information. You may not deliver this
message to anyone without my consent.
If this message is not intended for you, Please destroy this message and kindly
notify me by replying to this mail.
Anything in this message that does not relate to the official business of
Vidius is my own responsibility.
**********************************************************************
This email and attachments have been scanned for
potential proprietary or sensitive information leakage.
PortAuthority(TM) Server
Keeping Information Inside
Vidius, Inc.
www.vidius.com
**********************************************************************
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦¾Øß´ë�ù1I�í-»F�qx(_dot_)com