Where I work, Mozilla is under 1% of our web traffic.
...
Actually, I find that if I validate my HTML using the W3C's page validator,
so
that I'm actually using standards-compliant HTML, it usually renders properly
in all browsers without any tweaking. It seems worth the effort
But I learned that was not buttering my bread as much as adding more
features that work in IE.
I don't think anyone would argue with that - but make sure it works in the
other browsers too.
Points well taken.
FYI...the company I work for is switching to using Mozilla Firefox almost
exclusively. The users love it -- they like the tabbed browsing and the popup
blocking. The final straw for us was when some of our machines had spyware
automatically installed via one of IE's security holes
FYI, I guess we should either hope that Microsoft forgets how to copy other
people's ideas or that Mozilla never has 95% market share so that it becomes a
security target as IE is, depending what straw you want to hang on to.
OK so what *are* we talking about here - - AccuSpam or SenderKeys?
You have very neatly avoided answering one of the crucial non-technical
questions. Who is controlling this system and it's white/black_lists?
No, I answered it very factually. I said that no one controls it.
The authority controls when it sends the auto-responses, but it may or may not
control the white or blacklists it is using (flexibility), but the MUA and the
verifiers are not controlled by one authority or by each other. It is a
cooperative system, where all 3 players have flexibility. This flexibility
does not decrease accuracy of the anti-forgery, actually it increases it
through redunancy. Perhaps if you read the SenderKeys Overview more carefully
and really think about it long and hard, else I guess wait until we put up some
graphics or other info to make it easier to wrap you mind around I guess:
http://www.accuspam.com/senderkeys.php
If your feedback is that our Overview is too difficult to grasp, then the
feedback is well taken. Any others concur?
If you have a specific question, such as you did about the "white/blacklists"
then I can answer it.
Is there a mail-list for senderkeys or accuspam (whichever we are meant to
be discussing) . If you post that in the same way as several other private
projects have done, some of this community may well join it and discuss your
system with you in the way you would like. Please don't offer a forum -
that's been aired and you would be well advised to stick to mail-lists.
First of all, the weaknesses of SPF are relevant to the SPF forum.
Otherwise your point is well taken, as of course that needs to happen.
What is wrong with a Forum?
I personally hate mailing lists (will not stay subscribed very long). I prefer
to type into a web page than have to muck in email for something that ends up
on a webpage archive any way.
Long drawn own discussions are usually reaching the point of futility or
diminishing return. We either have a solution or we do not. The main positive
feature of SPF was invented a long time ago. It is the 80/20 rule again.
We will know very soon what is the main benefit of SenderKeys and that is it.
No need to discuss it to death.
Most things in life are that way. They are either elegant and simple or they
are not worth it.
Technically - anything that's going to mean an upgrade of MUA's is going to
have to do a huge amount of patching *and* make it *dead-easy* to apply. At
that level you will be dealing with people who are point-and-click capable
only, and if it doesn't work first time every time on every operating system
on all types of hardware with all the rest of the software that the user
will have installed to mess around with his mail - well - I'm sure you get
the picture
Yeah I know that is the main problem with support SPF with "-all", then you
have to upgrade not only the MUA, but also the server and the DNS. That is why
we need SenderKeys where we only upgrade the MUA and not worry about the
incompatibles simultaneously upgrade MUA and SMTP:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200408/0670.html
The most unwelcome part of your proposal - in my view - is the notion that I
might be blacklisted because I refuse to join in. What happens to me then?
Am I doomed to be included on your blacklist?
SenderKeys does not blacklist any one. It is an option for authorities (that
are anti-spam systems...not all authorities) that are already doing
blacklisting. Many anti-spam systems do blacklisting, so your fear is not with
SenderKeys but with anti-spam in general. You better go ask all the anti-spam
systems.
If you are asking about AccuSpam (again unrelated to SenderKeys), AccuSpam only
blacklists you for senders you do not communicate with (that a spammer is
forging for you) and you can very easily get unblacklisted when you have a need
to. Otherwise it is your advantage to be blacklisted. When you email a sender
that had blacklisted you for sending spam (only if spammer was forging you),
then you get a challenge response, which you complete to get unblacklisted.
The point is that once we have a viable anti-forgery (e.g. SPF with all domains
using "-all") or SenderKeys, then no one gets blacklisted!! All the forgery is
detected and dumped directly in the trash.
The problem with SPF is getting all domains to do "-all" is impractical. We
need SPF for some things, but we also need SenderKeys:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200408/0670.html
I am a small-user and I want a minimum work, zero cost facility
that will tell me that the mail arriving in my inbox is actually from the
domain that it says it is. That's all I want - and that's what spf is
working up to. The jury is out on subdomains and some other issues, but
it'll be sorted out soon, I'm sure.
No it will not be sorted out because there is no way to solve the "-all"
delimma:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200408/0670.html
SenderKeys solves it.
Fighting spam is *not* about centralised white and black listing. Your idea
of spam is different to mine, and I don't want to apply your rules, I want
to apply mine
SenderKeys does not force you to use AccuSpam or to use white and blacklists.
As a verifier, you use what every anti-spam and verification algorithm you want
to use. Complete flexibility is what SenderKeys is about. Maybe that is why
you are having difficulty grasping it. It is very generalized as stated in the
overview.
I discovered very quickly that this mail-list will respond well to you if
you are totally up-front with you background/sponsor/employer/whatever *and*
that you demonstrate a high level of competence in you work
Kind Regards,
Shelby Moore III
CEO 3Dize, Inc. (coolpage.com)
CEO DownloadFAST.com, Inc.
founder and main programmer of AccuSpam.com* (AntiViotic.com)
main programmer of Cool Page* (1998-), Art-O-Matic* (1996-8), WordUp*
(1986-90), TurboJet (1988)
contributing programmer to DownloadFAST.com* (2001-), Corel Painter* (1993-5),
Corel ArtDabbler, EOS PhotoModeler (1996), FONTZ! (1988)
shelby(_at_)coolpage(_dot_)com
* denotes major involvement in massive multi-year R&D projects with millions of
characters (1000s of pages) of code