spf-discuss

Re: Is SPF serving the best interests of the end-user?

2004-07-22 05:16:48
spf(_at_)nevster(_dot_)net wrote:

On Jul 21, 2004, at 4:48 PM, <terry(_at_)greatgulfhomes(_dot_)com> wrote:



But the implied point still holds: Blocking at the server DOES matter, even if your MUAs implement protection. Every layer matters. Not having layers is, literally, like putting all your eggs in one basket.


I don't think I expressed an intention to exclude SPF or schemes like it. While I have made no concerted personal effort to find flaws in the authentication schema itself, for it's not my goal to stomp on people's hard work, I am simply trying to point to an area where there only seems to be a limited amount of work... In making the recipient responsible for how accessible they are.


All well and good, but SPF isn't about the recipient per se,
it is about the sender, and letting the recipient know how likely
the sender is to be who they say they are.

The apartment building analogy is really quite good, since it reflects
how most e-mail systems are set up.

You have the apartment building (mail server) with a doorman (MTA) and
a bunch of apartments (mailboxes). A good doorman will stop people or
let them pass based on who they are. SPF is like an ID. It doesn't need
to be widespread to be useful (how many people have "Press Passes"?),
and it gives the doorman a reasonable piece of information to work
with when deciding whether to allow them through. Of course, a lazy
doorman just lets everyone through, so the ID doesn't do them any good.

OK, the analogy is stretched a bit, but aren't all analogies
stretched like a gum bubble about to explode?

--
Daniel Taylor          VP Operations            Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com   http://www.vocalabs.com/        
(952)941-6580x203