-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
guy wrote:
| You said:
|
|>Domains that publish strict SPF offer assurances for themselves
|>and for people receiving their e-mail that the source of the e-mail
|>is valid.
|
|
| I disagree with the above.
|
| As stated by Koen "SPF protects my domains from being used by malicious
| persons / programs, and therefore SPF is very useful for me."
|
| I agree, my domain is protected, but the people on the receiving end are
| not. They don't know if my domain is sending spam or not, or any other
| domain. But I know that no one else can send mail and pretend to be me.
|
| A side note... Since I must forward email using comcast.net, anyone else
| that has access to comcast.net can fake an email from me.
|
| In short, SPF can protect the sender, not the receiver.
|
I do not believe I said anything different than that.
The existence of configurations that do not allow for strong SPF
assertions does not weaken those that can make strong assertions,
and even in your case you can say "mx a ?a:comcast.net -all" to prevent
someone from example.com impersonating you.
Sender authentication also makes no claims as to content. It
does allow for other mechanisms (reputation and accreditation)
that do make content claims. Without sender authentication
even the best considered reputation or accreditation scheme
is useless.
- --
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFBIksZ8/QSptFdBtURAnu1AJ9sDFsUhZh7VwjoOOymOLhLkQrN+wCfeTQx
D6pP2V8G6cwENbYtaa4akso=
=ZZb4
-----END PGP SIGNATURE-----