spf-discuss
[Top] [All Lists]

RE: SPF adoptees

2004-09-12 10:58:56
On Sat, 11 Sep 2004, Anne P.  Mitchell wrote:

IADB is *not* a whtielist.

It's a "here is information about the senders' policies and practices." 
list.

If their policies include all of their mail being confirmed opt-in, it 
tells you that. If their mail is pure opt-out it tells you that too.

But the problem is that if you simply report what they tell you to, there
is no real value in it as anti-spam measure (Ritcher also says he runs
opt-in lists - year right, as if I can believe him!) unless you're also 
willing to put your own company's reputation on the line that the info is 
correct and allow others to report its not (and then do investigations 
and take those who lied out of your list, preferably informing public of 
who was taken off as well).

So in my view, pure accreditation has no serious value and reliance on 
centralized source for such info carriers many risks (what if your
system is hacked? what about DoS? what if your company is destroyed
by great flood...?) and it it might be better to have such info on what 
mailer does directly provided by mailer (which will require new system
for reporting this information as part of SMTP or as parallel policy 
information protocol, possibly some advanced SPF).

But what is valueble is accreditation info from somebody with known 
good reputation which is basicly  somebody else saying these guys will not 
lie about who they are and what they do and after hearing that, I can 
then go directly to source, i.e. "those guys" and compare their reported 
policies to what my system would accept.

-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net



<Prev in Thread] Current Thread [Next in Thread>