spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MS may have fixed their SenderID/SPF wizard - Not

2004-11-11 11:49:44
from [jpinkerton] [Permanent Link] 

----- Original Message -----
From: "John Glube" <jbglube(_at_)sympatico(_dot_)ca>


In other words, the wizard is now designed to generate
v=spf1 text records as the preferred record of choice.


Yes, but incorrectly at the moment - "ip4" instead of "a" for host names.  I
wonder if that affects v=spf1 worse than v=spf2.0/PRA ???  Sorry - my
paranoia is showing again :-/



This is what Meng wanted, to build up the v=spf1 record
base. The trade off was giving MS access to the existing
base.

Of course, this simply points out the underlying flaw in
Meng signing off on core which you, I and many others
pointed out.


It's a gamble that the existing base of domains owners will not
complain/notice/be worried about MS using PRA inappropriately.  If the
gamble pays off - we get the bonus of MS publicity for v=spf1, if the gamble
doesn't pay off - we lose the existing base of records.

It's an extremely high-risk strategy, as we know, and not one I would have
recommended, but it's where we are so let's deal with it.

In the good case, where we don't get induated with help requests from people
with existing records who are having problems created by PRA, then we can
relax and say that Meng made a good call.  The problem is going to be moving
forward from that point.  Do we assume that PRA will die, and continue with
the v=spf1 records as they have been, or do we tell everyone to add "
spf2.0/pra ?all " in retrospect?  What happens then when PRA fails and MS
come up with a new idea - "son of PRA" = SOP and we have to add a record "
spf2.0/SOP ?all " to avoid it's machinations?

This strategy looks to me to be very short sighted, which is why I was
promoting the idea of the optional modifier to (dis)allow *any* protocols
which might be threatening to mangle v=spf1.

In the bad case, where we get loads of upset people and lots more just
removing v=spf1 records because PRA is not working properly?   It'll mean
the last year's hard work will have been for nothing, and spf will, indeed,
be dragged down by PRA's failure.  Who knows if it will be recoverable....


Slainte,

JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: SRS/SES mailing lists?, jpinkerton
Next by Date:  Re: Odd Problem, Matt
Previous by Thread:  Off list re: MS may have fixed their SenderID/SPF wizard - Not, John Glube
Next by Thread:  Re: MS may have fixed their SenderID/SPF wizard - Not, Andy Bakun
Indexes:  [Date] [Thread] [Top] [All Lists]