spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Sender ID in the news

2004-10-27 05:24:16
from [guy] [Permanent Link] 
Virus checkers and spam filters must "read" more than the headers.
A lot more!
Why is this not an issue?

Guy

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Chris 
Haynes
Sent: Wednesday, October 27, 2004 6:04 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Sender ID in the news

 "Seth Goodman" asked:

<skip>

I still have a question for Chris.  As a forwarder, don't any of your
customers ask you to run SpamAssassin on their accounts?  What I'm getting
at is do you really need some kind of permission to inspect headers in an
automated fashion in order to detect forgery?  You're not recording

anything

that is not a forgery, so in what way are you violating privacy?  The MTA

is

scouring the headers for lack of a match to indicate forgery, but the
machine sees every byte on the way through anyway.  As long as no human

sees

the content of any email not addressed to them and the machine doesn't
record anything about non-forgeries, has there been any violation?  Is

this

like if a tree falls in the forest and no one is there to hear it ...

Forgive me if these are foolish questions, but I've never been in the
forwarding business so I've never had to think about it.



Ah, I didn't respond the first time you asked, because I rather hoped a
Forwarder would leap in and answer.

I'm not a Forwarder, so I can't answer your question from any kind of
personal
experience.

In this forum, my role is as 'volunteer-architect'.  I'm watching all the
issues
people raise and trying to distill and accommodate them.

In this area of 'opening and inspecting the message' I've noted several
posters
(Frank Ellermann amongst others) who have pointed out that some legal
juristictions (Germany? California?) appear to have concerns about these
practices.

I believe also that some US corporations have concerns about preserving
their
'common carrier' status.

I'n trying hard not to judge whether or not these concerns are valid, or
suggest
that we challenge or ignore them, but rather just see if there are any
relatively-easy ways of accommodating the concerns - hence my suggestion for
the
'implied sender authority'.

Hope this helps.

Chris Haynes


-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription, 
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [comment] Vote of confidence/no-confidence in Meng as SPF representative, Shane Rush
Next by Date:  Re: Development - Marketing parallelism, Hector Santos
Previous by Thread:  Re: Sender ID in the news, Chris Haynes
Next by Thread:  Re: Sender ID in the news, Chris Haynes
Indexes:  [Date] [Thread] [Top] [All Lists]