spf-discuss
[Top] [All Lists]

Re: Why will SPF stop SPAM.

2004-08-17 05:25:21
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

David Woodhouse wrote:
| On Tue, 2004-08-17 at 07:21 +0100, Paul Howarth wrote:
|
|>On its own, SPF will not stop spam
|
|
| Right.
|
And a hammer is useless for holding boards together,
but try driving nails in without one.
|
|>This is why there has been much discussion of reputation services
|>recently, which will allow domain names to be scored, so that domains
|>with reputations for sending non-spam mail can be distinguished from
|>those that don't.
|
|
| Right. So we've imposed all this breakage, and still haven't got any
| sane and actually deployable alternative to SRS for _fixing_ said
| breakage -- and we've 'reduced' the problem to basically the same
| problem as we had before. Only instead of listing IP addresses in our
| 'reputation database' we are now listing domain names.
|
| Seems like the whole exercise was fairly pointless.
|
We've been through this before Mr Woodhouse, you have
an awful lot of sour grapes to press here.
What we get with SPF is  a significant improvement. Domains
that publish strict SPF  offer assurances for themselves and
for people receiving their e-mail that the source of the e-mail
is valid.

Simply knowing that the source is valid is a monster huge
step to being able to take actions like local and pooled
reputation systems and accreditation systems with teeth.

Reducing forgery is absolutely necessary to making sure that
e-mail becomes civilized again.

- --
Daniel Taylor          VP Operations            Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com   http://www.vocalabs.com/        
(952)941-6580x203
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org

iD8DBQFBIfkx8/QSptFdBtURAtAnAJ425IQ++/OmLrMG7xRrUM3js5fnRwCeIdRb
0yRcKXdYxTwlRLogwWksi+Q=
=RlR1
-----END PGP SIGNATURE-----


<Prev in Thread] Current Thread [Next in Thread>