-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of
Stephen Pollei
Sent: maandag 22 november 2004 20:01
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: RE: [spf-discuss] Sendmail white paper
Mark wrote:
"vouching" is a laden term. SPF vouches for nothing,
except that a message with an SPF "pass" is authorized
to come from the connecting IP address. It is not an
endorsement of content.
David Woodhouse wrote
The only way SPF is actually useful in the real world is if it's
accompanied by some kind of reputation system so that people
can know that mail from 'alwaysspams.com' is bad and mail from
'neverspams.com' is good. Vouching for mail is precisely what
you're doing.
"accompanied" is the right term. I basically see the combatting of spam,
with the aid of SPF, as a two-phase project. First SPF forces people to
only use domain names in MAIL FROM: for which they are authorized. Once
that is done (or a good end on its way), RHS reputation systems, or
domain-based blocklists, come into view again. In that order; because you
cannot use RHS domain-based blocklists (on MAIL FROM:) when just everyone
can spoof your domain.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx