[top posting fixed and quotes trimmed/fixed]
In
<2A1D4C86842EE14CA9BC80474919782E01113350(_at_)mou1wnexm02(_dot_)vcorp(_dot_)ad(_dot_)vrsn(_dot_)com>
"Hallam-Baker, Phillip" <pbaker(_at_)verisign(_dot_)com> writes:
From: wayne [mailto:wayne(_at_)midwestcs(_dot_)com]
I've mentioned this before, but...
What is the problem with using
"exists:%{ir}.query.bondedsender.org" or
"-exists:%{ir}.sbl.spamhaus.org"? Why does anything new need to be
added to SPF?
You need to know that the statement is intended to be an accreditation. The
exists syntax tells you only that it is an authentication.
What receivers of email choose to consider worthy of accreditation
and/or reputation is up to them. I see little or no value in the
sender claiming accreditation. Such a claim is unlikely to change the
receivers opinion about what is trustworthy.
There is a major difference, I am not going to publish a record that says
'this is a forgery if SPEWS does not respond positively', even if SPEWS is
currently accrediting me positively.
SPF is about *authorization*, not *authentication*. It prevents
forgery *and* unauthorized use.
Domain owners who publish SPF records may well want to say that any IP
address listed in SPEWS is not *authorized* to send email claiming to
be from their domain. I would be very impressed by how white-hat such
a domain owner was, but also consider any domain owner who would uses
such an extreme system as SPEWS for authorization to be a little
crazy.
Receivers of email may consider this information when they judge the
reputation and accreditation of the sender.
I can see no real difference between "exists:" and "accredit:". A
email receiver will look at the SPF record and decide whether
"accredit:" is recognized as a good source of reputation and give it
the weight that they feel is appropriate. There is nothing that will
*force* the receivers to accept the accreditation. There is also
nothing that *stops* an email receiver from looking at the "exists:"
mechanism and treating it exactly like "accredit:".
It will be deeds, not words, that will be used to judge the reputation
of a sender. "Accredit:" is just a word.
-wayne
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡