-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of James
Couzens
Sent: Sunday, November 21, 2004 7:49 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Sendmail white paper
On Sat, 2004-11-20 at 10:53 -0500, Chuck Mead wrote:
Michael Weiner wrote:
On Sat, 2004-11-20 at 14:14 +0000, Roy Badami wrote:
It seems to be the season for white papers.
Sendmail Inc have released a white paper entitled "Sender
Authentication Deployment Recommendations"
http://www.sendmail.net/tools/Sendmail_Auth_Reco_wp.pdf
Thanks for the URL, and you are right, seems that
Christmas is here
early :-)
They recommend ~all instead of -all.
Bah! What good is it?
Publishing -all is not wise. SPF is _BROKEN_ please remember this.
There is much forwarding going on and SPF checks failing, and
the number
of domains publishing is still less than 5% of all domains...
SPF is only broken if you don't have SES installed (or it is contrary to your
domains policy to
allow forwarding). Please state all the facts when making a blanket statement
like that.
SPF can only be accurately used to give an IDEA as to the
legitimacy of
an e-mail. Any positive or negative action taken based on an
SPF result
is risky business, and I'm disappointed to see people publishing -all,
WRONG:
I admin MANY domains, most are for websites only, and the websites domain
should never, ever have
emails sent from them. Any emails from those domains, forwarded or otherwise,
are forgeries. Those
domains should and do have -all, to accomodate victims being able to reject any
email from them.
and further to see people complaining about email being dropped by
servers treating -all in a nazi like fashion and rejecting email which
is clearly legitimate although also clearly a "forgery" in the sense
that it came through a forwarder.
Agreed, the over-zealous are a problem, but mostly they are just hurting
themselves.
Terry Fielder
Manager Software Development and Deployment
Great Gulf Homes / Ashton Woods Homes
terry(_at_)greatgulfhomes(_dot_)com
Fax: (416) 441-9085
Cheers,
James
--
James Couzens,
Programmer
((__)) __\|/__ __|-|__ '. ___ .'
(00) (o o) (0~0) ' (> <) '
---nn-(o__o)-nn---ooO--(_)--Ooo--ooO--(_)--Ooo---ooO--(_)--Ooo---
http://libspf.org -- ANSI C Sender Policy Framework library
http://libsrs.org -- ANSI C Sender Rewriting Scheme library
-----------------------------------------------------------------
PGP: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x7A7C7DCF
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in
Atlanta features SPF and Sender ID.
To unsubscribe, change your address, or temporarily
deactivate your subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com