spf-discuss
[Top] [All Lists]

Re: Suggest New Mechanism Prefix NUMBER to Accelerate SPF Adoption

2004-08-25 15:59:24

I just thought starting with the owner of the domain, who has a some data 
on what his customers are doing, might be a good place to start.  It might 
give confidence to owner of domain that s/he knows what probabilities are 
being applied to his customers when they are not using the designated mail 
servers.  This might help spread adoption of SPF.
 

Doesn't this go back to your original problem, though?  You were 
claiming that ISPs would never publish ~all or -all because customers' 
mail might get bounced.


Agreed if replace "never" with "contemplate risk of".



 But if an ISP publishes a probability of 
forgery other than 0


You mean other than 0.5?

In probability theory, 0.5 is neutral.


, they're taking the same risk -- except that the 
results are less predictable.

More predictable, if they publish the correct #, because you are forgetting 
there are 2 sides to this "seesaw", on one side is false positives (not 
forgeries caught) and other side is false negatives (true forgies not caught).

If they publish less than 0.5, then they put their customers at less risk of 
false positive (when those customers use different mail servers) but they 
increase their chance of being forged and lowering their reputation.

Vice versa if they publish greater than 0.5.


 All the mail might not bounce; it might 
bounce at some sites and not others, or bounce unpredictably, depending 
on the way the probability is used locally.


No probability can not be thought of anecdotally like that.