On Fri, 2004-06-11 at 12:59, Jonathan Gardner wrote:
[snip]
I am open to other suggestions. I would rather people had previous notice
that their emails will be ignored rather than silently dropping millions of
emails without giving due notice.
"Silently dropping millions of emails without giving due notice" is
absolutely not what SPF is about. This is about rejection before DATA
(at least, many of us hope it remains that way after the 'merger' dust
settles). I consider, and I believe you will find many members of this
mailing list will agree, 'silently dropping' email a *really* bad
thing. Rejecting or (if the PRA can be verified) bouncing are the only
alternatives that maintain any kind of confidence in email as a message
delivery system. Filtering, or 'silently dropping' messages is
something that ONLY the end user should be doing. We can tag and/or
deliver to specific user sub-mailboxes at the system level, but never
silently drop. At least, IMNSHO.
For email admins that are not paying attention to SPF and other sender
authentication schemes being discussed, frankly, they *should* be.
Because messages won't (or shouldn't) be silently dropped, but bounced
or rejected, possibly with appropriate URLs in the DSN pointing them to
to the SPF home page (or equivalent), that's all the information they
need to take action.
I find the idea of blasting an email to postmaster(_at_)* quite distasteful
and believe it would be hypocritical of us to do so, considering the
focus of this effort.
Spam (including RFC2821/RFC2822 forgeries) is most definitely on every
email admin's radar on the planet, give its shear volume. Sure there
will always be detractors, but I doubt we are going to find many people
competent in administering email systems that will be ignorant of
ongoing efforts to make spammers' lives harder.
That said, I'm sure the articles in Linux Journal were a big help.
More articles like that in other tech journals are a good thing to shoot
for. There was also a significant boost in SPF publishing after the
Spam Conference at MIT in January. More events like that where system
and email admins gather would be appropriate. Those who have press
contacts should be keeping them up to date on flag days and such. There
are a number of other avenues that can be taken, perhaps even including
a separate marketing fund that SPF could maybe take donations for?
--
-Paul Iadonisi
Senior System Administrator
Red Hat Certified Engineer / Local Linux Lobbyist
Ever see a penguin fly? -- Try Linux.
GPL all the way: Sell services, don't lease secrets