wayne wrote:
In <408D10BF(_dot_)6080701(_at_)vocalabs(_dot_)com> Daniel Taylor
<dtaylor(_at_)vocalabs(_dot_)com> writes:
David Woodhouse wrote:
Basically, SPF does not work with today's email system -- it requires
everyone to start using SMTP AUTH (even when it's firewalled), and it
also requires some even more convoluted behaviour when forwarding email.
Only then does it work without any false positives such as the one you
pointed out.
Mr. Woodhouse, why do you dislike SPF so much?
Dave is pretty good about speaking for himself, but I'll respond as
much to make sure I I understand his position correctly as anythign.
One of the things Dave really doesn't like about SPF is how it forces
email forwarders to have to change even if they want nothing to do
with SPF. The forwarders are neither publish SPF records, nor
checking them, and yet they have to use something like SRS in order to
continue working.
E-mail forwarders as such can either deal with or ignore SPF.
There are several methods that an e-mail forwarder can work within
the SPF rules (such as SRS) that allow their users to use stricter SPF
filtering. But SPF is ultimately an arrangement between the original
sender and ultimate reciever for determining the validity of message
metadata. If I have users that use IEEE.org forwards and I don't
whitelist IEEE.org as a forwarder, my users will have at me. IEEE.org
can make my life easier or not, but they don't _have_ to do anything.
--
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203