On Wed, Apr 14, 2004 at 10:04:08AM -0400, Theo Schlossnagle wrote:
I see people using SPF -all as "taking a stand" against the way
forwarding is deployed now. They're saying that while current
forwarding is not in violation of any RFC, it is mechanism that requires
more trust than the current Internet can offer them a foundation for.
The mechanism is antiquated.
I publish -all.
I'm willing to have an occasional message bounce from early adopters of
SPF who haven't white-listed their non-SRS compliant forwarders, although
that hasn't happened yet. Hopefully, adopters will actually bounce the
messages, instead of scoring them in SA and bitbucketing them, but hey,
things like that already happen.
When I implement SPF checking on my own MTA, I will take care to whitelist the
hosts that I know forward to me, and I will whitelist the occasional problem
forwarder for my other users.
I already invest time in spam filtering, and whitelists, and all the other
crap the spammers force us to waste time on. I'm perfectly willing
to invest some more time in implementing something that at least has
the promise of making spam blocking easier in the future.
SPF is a well-designed solution to a widespread problem. There is no
painless way to deploy it. I, for one, am OK with that.
--
"Government big enough to supply everything you need is big enough to take
everything you have ... the course of history shows that as a government
grows, liberty decreases." -- Thomas Jefferson