You are all forgetting that this leaves us with a valid return path and the
ability to shut that system down until it is resolved. Thus SPF has
achieved its goal.
And if the staff puts their own e-mail in the same SPF-enabled domain as
their widespread user base, they get what they deserve.
On Mon, Apr 12, 2004 at 08:26:11PM +0200, David wrote:
Hi !!
Technically, you're quite correct. Politically and socially, it's a serious
problem. This is a *BIG* issue among my "Internet libertarian" friends.
They
absolutely do not want their ISP's interfering in any way with their home
connectivity
this is not a matter of interfering the user's connectivity, they are
just saying that any of their users could forge the isp own domain email
addresses, in fact, any zoombie or hacked computer in their cable zone
would be able to forge the isp staff addresses without any problem and
this forgeries will be trusted by other isp's using spf, a totally *BIG*
security hole.
--
Best regards ...
A little inaccuracy sometimes saves tons of explanation.
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david(_at_)ols(_dot_)es
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/spf-draft-200403.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription, please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
--
Joe Rhett Chief Geek
JRhett(_at_)Isite(_dot_)Net Isite
Services, Inc.