From: "AccuSpam" <support(_at_)accuspam(_dot_)com>
OK so what *are* we talking about here - - AccuSpam or SenderKeys?
Answers please???
http://www.accuspam.com/senderkeys.php
I've read and re-read it lots - and it explains little or nothing. That's
why we're asking you questions here - so please give the answer instead of
just referring us to you webpage.
Is there a mail-list for senderkeys or accuspam (whichever we are meant
to
be discussing) . If you post that in the same way as several other
private
projects have done, some of this community may well join it and discuss
your
system with you in the way you would like. Please don't offer a forum -
that's been aired and you would be well advised to stick to mail-lists.
First of all, the weaknesses of SPF are relevant to the SPF forum.
Otherwise your point is well taken, as of course that needs to happen.
What is wrong with a Forum?
I personally hate mailing lists (will not stay subscribed very long). I
prefer to type into a web page than have to muck in email for something that
ends up on a webpage archive any way.
Personal preferences is a concept the internet is all about - and you must
accomodate all users if you want a good response.
Technically - anything that's going to mean an upgrade of MUA's is going
to
have to do a huge amount of patching *and* make it *dead-easy* to apply.
At
that level you will be dealing with people who are point-and-click
capable
only, and if it doesn't work first time every time on every operating
system
on all types of hardware with all the rest of the software that the user
will have installed to mess around with his mail - well - I'm sure you
get
the picture
Yeah I know that is the main problem with support SPF with "-all", then
you have to upgrade not only the MUA, but also the server and the DNS. That
is why we need SenderKeys where we only upgrade the MUA and not worry about
the incompatibles simultaneously upgrade MUA and SMTP:
Errmm......Am I missing something here?? I didn't realise SPF needed any
plug-ins/whatever on the MUA ??
SenderKeys does not blacklist any one. It is an option for authorities
(that are anti-spam systems...not all authorities) that are already doing
blacklisting. Many anti-spam systems do blacklisting, so your fear is not
with SenderKeys but with anti-spam in general. You better go ask all the
anti-spam systems.
Maybe not - but if the concept was adopted, blacklists would be used. I do
not want to have a challenge/response system to deal with in order to get
myself off a blacklist.
If you are asking about AccuSpam (again unrelated to SenderKeys), AccuSpam
only blacklists you for senders you do not communicate with (that a spammer
is forging for you) and you can very easily get unblacklisted when you have
a need to. Otherwise it is your advantage to be blacklisted. When you email
a sender that had blacklisted you for sending spam (only if spammer was
forging you), then you get a challenge response, which you complete to get
unblacklisted.
So I send a mail - it bounces - I get a challenge - respond manually - get
confirmation of my de-blacklisting - resend my original mail ?
The problem with SPF is getting all domains to do "-all" is impractical.
We need SPF for some things, but we also need SenderKeys:
And why do you think SPF will never achieve -all on all domains? Once it is
internet standard, sysadmins will be happy to comply... One sysadmin will
deal with countless domains and e-mail accounts, so the home/business user
will see no change except the death of forgeries.
I am a small-user and I want a minimum work, zero cost facility
that will tell me that the mail arriving in my inbox is actually from
the
domain that it says it is. That's all I want - and that's what spf is
working up to. The jury is out on subdomains and some other issues, but
it'll be sorted out soon, I'm sure.
No it will not be sorted out because there is no way to solve the "-all"
delimma:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200408/0670.html
That link is to your own mail to this list - I read it before and I don't
need my nose rubbed in it thank you.
The problem of -all will be solved - I don't know how yet, but I am
confident that the team on SPF will do it. They have managed the impossible
so far :-)
SenderKeys solves it.
But the world does not want to have to install a plug-in/patch to its mua --
even if it come with a guarantee!! There is *nothing* so precious to a
computer user than his mail client and it's history of mails received and
sent, all nicely categorised and filtered.
As a verifier, you use what every anti-spam and verification algorithm you
want to use. Complete flexibility is what SenderKeys is about. Maybe that
is why you are having difficulty grasping it. It is very generalized as
stated in the overview.
No, difficulty at all - except I'm not sure if you're selling me senderkeys
or accuspam :-/
Slainte,
JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492
PS - One more autoresponder and you'll be blacklisted in my spamassassin !!