----- Original Message -----
From: "Dave Crocker" <dhc(_at_)dcrocker(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Thursday, November 18, 2004 3:08 PM
Subject: Re: [spf-discuss] Re: Electronic Frontier Foundation (EFF) Article
On Anti-Spam Technologies Mentions SPF
On Thu, 18 Nov 2004 20:56:15 +0100, Frank Ellermann wrote:
Dave Crocker wrote:
SPF essentially eliminates spontaneous scenarios, by virtue
of requiring pre-registration.
That's not true, if you want to send some mails via my ISP
(during your next spontaneous visit ;-) then it's possible:
MAIL FROM:<me(_at_)xyzzy>
From: you(_at_)dcrocker
Subject: SPF-test
bounce messages need to go to the author or the person responsible for
posting the message. it is entirely inappropriate to route bounces back to
the first mta.
in the cases i described, it would be, at best, useless to route bounce
information back to the administrators of the systems i used to create and
post the message.
Tough. The exact hole you need to set up for this behavior is exactly what
email spoofers and forgers rely on, and it has to be closed. Period.
The burden of all the forged email is so overwhelming as to be a no-brainer
to demand be fixed. SES and SRS do so well, and are the corollaries of the
SPF modem that need to enter broader use for exactly this sort of situation.