Re: Lawsuits, angry business users, and SPF stupidity.
2004-01-13 06:17:22
On Tue, Jan 13, 2004 at 11:52:39PM +1100, Chris Drake wrote:
Hi Alex,
What point am I missing? Lets say my ISP uses SPF, and someone sends
me an email outside their ISP's spf-enabled SMTP service. That's my
email that got blocked by SPF (yes - blocked - go read all the faq's -
they all end up directing you to SMTP rules like "REJECT"!)
"A" sender of the message to you
"B" owner of the domain used by A
"C" you, the recipient
"D" owner of the domain used by C
Who is in control?
A, because he chooses to use the services from B, or because he is B
B, because he controls the SPF record
C, because he chooses to use the services from D, or because he is D
D, because he controls using the SPF record
A sends out a message via an unauthorized relay? That's against the
policy as set by B and thus is illegal.
B or D set a policy that is not according to expectations? That's going
to cost them their business. A and C are, again, in control.
D can use SPF in many ways:
1: do not use it at all
2: use it to tag messages (i.e. spamassassin)
3: use it to block messages
3a with the possibility of whitelisting by the sender
3a with the possibility of whitelisting by the recipient
3c with the possibility of greylisting
3d with no possibility of whitelisting at all
I can hear you say that you are not in control because A is doing
illegal stuff? Well, A could do a number of other things wrong thus
causing the mail _to_ you (is that what you mean by "your mail" ?)
to vanish. That's nothing new.
Besides that, the FAQs admit that spammers will get around this by
using discardable domains etc, so what's the point? That's what the
spammers will do. Nothing solved.
Stop talking about spammers. SPF is about permission to use the RHS.
Of course spammers will use discardable domains. They at least stop
using _your_ domain. *That* is the point of SPF.
And please, don't top-post.
Alex
--
begin sig
http://www.googlism.com/index.htm?ism=alex+van+den+bogaerdt&type=1
This message was produced without any <iframe tags
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
Re: Lawsuits, angry business users, and SPF stupidity., Wechsler
- Re[2]: Lawsuits, angry business users, and SPF stupidity., Chris Drake
- Re: Lawsuits, angry business users, and SPF stupidity., Alex van den Bogaerdt
- Re[2]: Lawsuits, angry business users, and SPF stupidity., Chris Drake
- Re: Lawsuits, angry business users, and SPF stupidity., Dan Boresjo
- Re: Lawsuits, angry business users, and SPF stupidity.,
Alex van den Bogaerdt <=
- Re: Lawsuits, angry business users, and SPF stupidity., Phil Howard
Re: Lawsuits, angry business users, and SPF stupidity., Graham Murray
Re[2]: Lawsuits, angry business users, and SPF stupidity., Rik van Riel
Re[3]: Lawsuits, angry business users, and SPF stupidity., Chris Drake
Re: Lawsuits, angry business users, and SPF stupidity., Jim Ramsay
Re: Lawsuits, angry business users, and SPF stupidity., Wechsler
Re[2]: Lawsuits, angry business users, and SPF stupidity., Chris Drake
Re: Re[2]: Lawsuits, angry business users, and SPF stupidity., Ask Bjørn Hansen
Re: Re[2]: Lawsuits, angry business users, and SPF stupidity., Mark
Re: Lawsuits, angry business users, and SPF stupidity., wayne
|
Previous by Date: |
Re: Lawsuits, angry business users, and SPF stupidity., Dan Boresjo |
Next by Date: |
Re[2]: Lawsuits, angry business users, and SPF stupidity., Chris Drake |
Previous by Thread: |
Re: Lawsuits, angry business users, and SPF stupidity., Dan Boresjo |
Next by Thread: |
Re: Lawsuits, angry business users, and SPF stupidity., Phil Howard |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|