Søndag den 18. april 2004 23:33 skrev Seth Goodman:
mailer will likely be negligible for either SPF or SES. Since you
don't mind splitting hairs, SPF requires SRS, which requires a hash
...
It seems that my reason to be here is a bit different than most other
people here. I'm not here because I think that SPF will solve my spam
problem right now, and I'm also not here because I want to help
introducing a new technology which might become something later this
year.
I'm here for one simple reason: I believe that SPF can do something
for me, now. You like SES, because it does something for you now.
Besides SES and SPF, I also use a Challenge-Response system named
"Active Spam Killer" on some of my e-mail accounts, because it helps
me fight spam now.
So what do those technologies do:
- Active Spam Killer: Removes most spam but annoys those sending
something to me.
- SES: Removes spam hiding as bounces
- SPF: Increases the chance that my e-mails get through spamfilters
and reduces the ability of other's to abuse my e-mail address for
spam. Also, it enables my friends to whitelist my e-mail address, if
they have an SPF based filter system.
Several times, I have experienced that people got spam, sent from an
e-mail address that uses my domain name. With SPF, I can document,
that this e-mail was not from me - before SPF, I couldn't. The
recipient obviously doesn't have an SPF filter (then they wouldn't
contact me about spam), but being able to document that it wasn't me
means something.
Also, all my business contacts can whitelist my e-mails, if they have
SPF based filtering. This ensures a very high degree of trust in the
sender address. They may not trust other e-mail addresses, but they
know that they can trust mine.
Now, how do I make my business contacts and friends use SPF based
filtering? Well, SpamAssassin has it built-in in the next version.
This is extremely significant to me, because most people and
companies that I e-mail to very often, use spamassassin for
spamfiltering.
What about SES? Frankly, I don't have a big problem with fake bounce
messages - they typically get caught in my spamassassin filters.
Also, SES is not a part of spamassassin, and will therefore not be as
much deployed as SPF during 2004. One day the world might look
different, but SES doesn't solve a problem in my world right now -
SPF does.
I'm actually quite impressed by the work behind SPF. SPF is simple,
easy to deploy (getting easier all the time), marketing has been
excellent (spamassassin, aol, slashdot etc.) and the technology is
robust. My guess is, that SPF will be used to put trust to e-mails
from certain domain names in 2004, and in 2005 we will probably see
effective blacklist systems for SPF-enabled domain names, and then I
believe that spam is a non-issue at places where the e-mail admin
knows how to set up things right.
Lars.
--
Mobil: 20331241
Evt.: 70201241
Fax.: 70201242