spf-discuss

RE: Re: Can the SPF technique be used to stop IPaddress spoofi

2004-11-23 04:24:37
On Tue, 2004-11-23 at 11:49 +0100, Stefan Engelbert wrote:
> Now you are kidding? Aren't you?

Only partly; it's a serious point I'm trying to make.

Obviously the 'suggestion' is entirely bogus. But it's a _very_ close
analogy to SPF, and that's why I find it interesting that people here do
have sufficient wit to _instantly_ see that it has the same problems
which SPF has. I'll make it more explicit for the computationally
challenged, by putting the SPF references in parentheses.

I suddenly claim that despite what's been established practice for
decades, I have the 'right' to demand that the machines routing
(forwarding) my packets (mail) immediately stop their 'forgery' of my
address. I refuse to use some saner answer which wouldn't have such
unrealistic requirements, like IPsec (DK/IIM/SES) -- but without giving
any actual reasons why, except an enthusiastic but technically
content-free rant about how 'medicine should hurt'.

And also of course I just paper over and ignore the 'forwarding problem'
by declaring that all the routers should suddenly use NAT (SRS) despite
the fact that the vast majority of them when asked to do so will simply
declare that it's impractical and I'm nuts.

Next week I'll be able to tell you that I've been doing this for a week
now and I've received _no_ ICMP errors (bounces) due to publishing my
MAC address (-all record). That means it _must_ be working correctly and
all the routers must have stopped forging my address.

Or maybe I'll learn a little about IP and I'll use IPsec instead --
it'll give me precisely the same protection, but without the breakage.
:)

-- 
dwmw2