spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Re: Military

2004-07-28 06:40:48
from [Koen Martens] [Permanent Link] 
On Wed, Jul 28, 2004 at 06:27:55AM -0700, rogerk(_at_)queernet(_dot_)org wrote:

Quoting John Keown <jdk(_at_)nni(_dot_)com>:

It is not the clients ip address that at issue but the smtp server ip
address that is important. As long as the clients is connecting to the
domains smtp server the clients ip address is not relevant.

As long as you refuse to get it through your head that there are legitimate 
and
well-informed reasons for clients to use SMTP servers that are not under the
administration of the domain provider, this entire discussion is not relevant.


I think the real discussion is: do we still want to allow this practice? Given
that it opens the floodgates to spam if embodied in an spf policy, maybe
spf is not a solution here.

What you want in those cases i think is to have something like domainkeys,
which has problems of it's own. So one does have the choice:

- leave things as they are, and accept that your domain will be 
  used for spam forgery and thus get blacklisted (coincides with
  publishing +ip4:0.0.0.0/0)
- do something like authenticated smtp if possible, or use web
  interfaces or whatever, but send out mail from the designated
  smtp servers

In both cases there _will_ be collateral damage, in the first it will be 
legitimate 
mail that will be rejected and/or bounced, mail your legitimate customers sent.
In the second case, your users will have to adapt, and sometimes this will not 
be 
possible. 

Koen

-- 
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money!  http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

Attachment: pgpS7kWvGri6n.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: Military, John Keown
Next by Date:  Re: Overly broad ip range in spf - think like a spammer, David Brodbeck
Previous by Thread:  Re: Re: Military, Meng Weng Wong
Next by Thread:  Re: Re: Military, David Brodbeck
Indexes:  [Date] [Thread] [Top] [All Lists]