spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Sendmail white paper, SRS, and forwarding

2004-11-22 02:14:02
from [Bruce Barnes] [Permanent Link] 
Dear List;

After reading the ongoing debate about whether SRS or SES break SPF, and
agreeing that there might be cases in which both would break SPF, I think we
must all understand that there will, no matter what we do with SPF, be
SOMEONE, somewhere, who must make a change to the manner in which their mail
server or forwarding software operates in order to adopt the SPF protocal.

In the 1960s and 1970s, when the EPA, in the United States, and the
pollution control authorities in Canada and other countries, decided that NO
LEAD gasoline was to be the new standard for automobile fuel, to be adopted
so we could literally "get the led out" of the air we breath, every car
manufacturer in the world balked about the fact that they would have to
change the way the internal combustion engine was manufactured and how it
processed gasoline, in order to properly run on formulations without the
lead additives.

That analogy having been given, in the case of SPF, I think this
organization has both the RESPONSABILITY and the RIGHT to mandate that SPF
should work with the largest common denominator of installed e-mail server
software, and both current and potential add-on products, and leave the
process of "fixing" broken FORWARDER and LIST SERVER software up to the
manufacturers of those products, in future revisions, as the SPF standard is
adopted.

It is, after all, in the greater interest, and for the greater good, of the
internet community and the billions of people throughout the world who
currently use, or will, in the future, begin to use, the already well
adopted standard of e-mail as their primary method of communication and the
transportation, distribution and dissemination, of both personal and
business information, that a valid SPF draft be agreed upon, proposed and
adopted, without any further delay, debate or debacle.

Moving forward this process of agreement, publishing and adoption does not
mean we have not both considered and discussed the fact that there are
currently know issues with FORWARDERS and LIST SERVERS that will continue to
be problems.

Moving forward this process of agreement, publishing and adoption does not
mean that every currently available e-mail server software will be able to
utilize the anti-spam and anti-phishing services provided by both the SPF-1
and SPF-2 versions, as there will be an adoption curve during which all
e-mail server software, and all add-on software for e-mail software such as
anti-spam filtering and anti-virus engines must rewrite their software to
adapt to the processes required by the SPF standards.

Such adoption might be effected via a maintenance edition or a major release
of the software in question.  Such software changes are required every day
because of code bugs and other issues that commonly are found within
existing software on an almost daily basis.

To further this already wordy and inane debate will only push the deployment
of SPF off for an indeterminable amount of time, with the inherent and
historic potential of killing the project altogether.

Instead, we must rethink what we already have, in SPF-1, the original SPF
standard by which more than 200,000 domain names have already created SPF
records and published them, according to the chart which is publicly
available at http://spf.pobox.com/adoption.html.

If we are to speed the process of the adoption of SPF along, prevent the
entire process from being beaten apart by the debate, in both this publicly
readable e-mail newsgroup, by competitive authors such as Microsoft and
other corporate entities, and in the world press, then we must pull
together, leave our personal desire for glory at the thresholds and complete
the work on the adoption of the SPR protocal that has already begun.

Bruce Barnes
ChicagoNetTech
Chicago Illinois

-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of David 
Woodhouse
Sent: Monday, November 22, 2004 01:07
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Sendmail white paper, SRS, and forwarding


On Sun, 2004-11-21 at 17:11 -0500, Chuck Mead wrote:

David Woodhouse wrote:

On Sun, 2004-11-21 at 16:47 -0500, Chuck Mead wrote:


But if SPF is doing what I want why does that mean it's broken? I am
implementing for my own domain which I have every right to control.



That's nice dear. And you also have every right to tell the list servers
they may not use your domain in the From: header when you've sent mail
to the list. And they have every right to laugh at you for that too.


But the list servers pass my mail just fine.


That's not the point. I have a _right_ to declare that the list servers
may not send mail bearing a From: header with my name and address in it.
You have the right to ignore me when I make such a silly request.

As you say, you do indeed also have the right to declare that mail hosts
to which you send mail may not send that mail on, intact, to its
ultimate destination.

You also have the right to wear your underpants on your head if you so
desire. You have the right to actually send mail from 
csm(_at_)moongroup(_dot_)com
from a host which is _not_ included in your SPF record. You have the
right to run a mail server which rejects all 'MAIL FROM:<>' and hence is
utterly broken and doesn't accept bounces.

You have all of these rights. But that is not the point. I was talking
about what makes _sense_, not what is within your rights. Do you have
trouble understanding that concept?


And you've digressed even further from the point, which was that this
brokenness is nothing new and not at all related to SES.


But your one and only point is to tear down and denigrate SPF by saying
it's broken.


Is English not your first language, or are you otherwise hard of
understanding? I was quite clearly responding to Roger's assertion that
SRS breaks SES. I was pointing out that it's not really SRS which breaks
SPF, it's just part of the normal brokenness of SPF which breaks _all_
mail setups, and it's nothing to do with SES.

My point is that this breakage has nothing to do with SES. That's all.


I say it's not because it does what I want it to do and it
works the way I want it to. If it does that for me must I still consider
it broken? According to you apparently so. I simply wish to point out
that there are many aside from me who disagree with your point of view.


It was Roger who first used the term 'breaks' in this context, at least
in this thread. I was just pointing out that the breakage is nothing
new.

--
dwmw2

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Initial Voting Procedures (updated 23:15pm Nov 14 2004), jpinkerton
Next by Date:  Initial Voting Procedures - Voting for yourself, jpinkerton
Previous by Thread:  Re: Sendmail white paper, SRS, and forwarding, David Woodhouse
Next by Thread:  Re: Sendmail white paper, SRS, and forwarding, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]