On Wednesday 14 July 2004 08:09 am, Nico Kadel-Garcia wrote:
> > (3) SPF an Authentication Mechanism
> >
> > Your Point:
> > SPF is not an authentication mechanism.
> >
> > My Point:
> > If it isn't an authentication mechanism, then what is it?
>
> It's a lightweight outgoing SMTP policy mechanism in the hands of the
> domain owners, relying on existing and robust infrastructure for its
> mechanisms.
>
> It's still possible to lie about exactly who you are, which is why it's
> not a full-blown authentication mechanism. Don't try to deal with it as
> such.

How is it possible to lie? Only the domain owners are allowed to publish DNS
records for their domain. The domain owners assert via SPF that mail going
through specific servers is their mail. I must be missing the part where
someone else can publish SPF records for you, and claim mail servers you
don't trust are allowed to send email for you. I don't see how that is
possible.

--
Jonathan M. Gardner
Mass Mail Systems Developer, Amazon.com
jonagard(_at_)amazon(_dot_)com