On 13 Jan 2004 Marc Alaia <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com> wrote:
Chris,
Maybe I can help you by presenting my simplistic view of SPF.
And my comments on this view. ;-) I just can't seem to lurk very long.
SPF allows me, as a domain owner, to tell the internet community how they
can determine than an email is actually being sent by my domain. If they
receive an email that fails the SPF check, then it did NOT come from me. If
the recipient email-server-operator decides to then discard that email, that
is their choice.
Excellent idea, leave the receiver the option of processing the mail
based on the domain owners entries in the DNS. This is a good idea and
nobody seems to have a problem with this one. The domain owner has made
the decision that they do not want any mail sent except from specific
servers. There is a good basis here for rejecting mail from any IP
address not on the list based on the desires of the owner of the domain.
Note that the owner of the domain is not the system operator, the owner
of the domain is management. A lot of system admins tend to forget this
at times. ;-)
Now what happens when you receive mail from a domain that does not
support this SPF function? or if the owner of this domain says accept
mail from all IP address? What can you assume?
1. The server does not support the option.
2. The domain owner does not care to control the sending locations of
this domain name.
What you cannot assume is that any mail that is received from these
domains is spam.
And I believe that it is the ISP's perogative what policies to implement to
run their business, contrary to what the users want. For example, in my
area, most of the broadband ISP's will NOT give out fixed IP addresses or
allow a user to run their own 'server' at home. (Inbound http, smtp, etc.)
Ok, but in my area just the opposite is the case. Comcast, SBC, AT&T and
most other cable/DSL providers will sell a fixed IP address for home use.
You can go to a third party (like bayarea.net) for DSL if the actual
connection provider does not meet your requirements.
The good thing for me is that there is one ISP that I've found that gives
out fixed IP's and doesn't care what I run on my IP (subject to decency and
abuse provisions, I'd suspect).
Yeah, you'll probably get some comment of you were to start running a
very busy porno download site processing gigs of data. ;-)
Similarly, I'm sure that you will be able to find an ISP (or
just an email provider) that won't do SPF checks. As a user
of your ISP, you are subject to the policies that they put
into effect.
You are correct, but many people do not have much choice of changing
ISPs. I can pick and chose and ISP that does what I want, there are a
lot of places where this level of choice does not exist.
I don't think that the policies and conditions of use of most ISPs though
state that they expect to block 10% of the good mail to the users. If a
user can actually point to where they are losing good mail because of the
policies of the ISP then most of the ISPs will at least start looking at
changing their policies. If a significant number of these users start
complaining then you can be sure that the policies will change. ;-)
Marc
<SNIP a LOT>
Thomas R. Stephenson, CPL Phone: (408) 742-3308
Lockheed Martin Technical Operations
MILSTAR Logistics Engineering O/M5-41 B/158
P.O. Box 61687 Sunnyvale, CA 94088-1687
Member Pegasus Mail Support Team
Thought for the day:
Beehoven composed for 43 years...then he decomposed.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡