spf-discuss
[Top] [All Lists]

Re: Is SPF serving the best interests of the end-user?

2004-07-21 16:33:28
so since email is an arbitrary construct designed by humans, what if the spammer had to guess my phone number, as well as my hair color?

Or my zip code.

Or the last 4 digits of my SSN. Or bank account. Or utility billing number. Or my home town. Or my university...

And what if there was no particular syntax or order these questions would be asked of the spammer?

A friend or associate could easily answer enough of those questions for me to programmatically authenticate them. And I could revoke my personal authentication for this sender if I felt it was being exploited.

I'm suggesting that each email recipient be given a framework to negotiate authentication as they best see fit, be it an individual pass code, or some general 'anybody who knows me at all could get a message through'. Like in real life, some people would be hard to access; others would be easy to access.

        Nevin





On Jul 21, 2004, at 4:16 PM, Roger B.A. Klorese wrote:

spf(_at_)nevster(_dot_)net wrote:

Yes, I'm suggesting that if a user wants to participate in the great big real-world email system, spam-free, that the end-user be given an open-ended, reasonable-to-use framework that suggests, if not compels him to put effort into defining an individual method of letting his contacts authenticate themselves for him. Much like real life.

If I want to enable someone to converse with me in real life, I have to provide my party a phone number, and an address, or an email address. Before I provide that party such important, personal access, I would decide on entirely personal values whether it was prudent.

I would give my boss my home cell phone number, but a vendor my desk phone only.

If my bank were to call me with news of consequence, I would have them properly identify themselves.


But, on the other hand, none of these things has anything to do with what a spammer does -- there's nothing you can do to prevent them from dialing your number randomly.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com