On Tue, 2004-11-23 at 11:20 -0600, Daniel Taylor wrote:
As are you. How many "self spams" do you get?
None.
Or do you use a local rule that excludes them that you aren't
polite enough to share with the world?
I published it as soon as I came up with it, and I also mentioned it
here. http://www.infradead.org/rpr.html
I suppose I should update that. Links to the 'SPF considered harmful'
pages which are scattered around would be useful to add. In practice
though, others have been taking the ideas further and doing useful
things with it (like defining ways to check the address which are more
lightweight than SMTP callbacks) while I've been busy with other things.
I mean, if it is good enough for your server to know that e-mail
that claims to come from you that didn't can be dropped/rejected,
why not share that information so that others can benefit?
I do. Try sending a MAIL FROM:<dwmw2(_at_)infradead(_dot_)org> to a list at
sourceforge.net, for example. As I said, others are working on better
ways to make the information available.
How are they significantly better?
Because they don't rely on the whole world suddenly 'upgrading' to do
something like SRS. That's not a realistic requirement, because email
deployment is _slow_ to change.
There's nothing wrong with suddenly declaring long-standing practices to
be 'broken' if it's _really_ necessary. Closing of open relays is an
example of that. What's silly is to make such changes when it isn't
actually required -- when you could deal with the problem in another
way.
Moving breakage from the invisible to the visible is far from pointless.
Naive forwarding is broken. It needs to be fixed. SES is one way to
fix it, SRS and Database Backed Forwarding are others.
SPF simply moves the breakage to the visible world so that we can
see it.
I'm not sure what definition of 'broken' you use when you say that
'naïve forwarding is broken'. SPF breaks it, yes. But it wasn't broken
before SPF. It was fine.
SES doesn't have anything to do with forwarding. It neither breaks nor
fixes it. Except that using SES _instead_ of SPF means you aren't
breaking forwarding of course -- but that's not really an inherent
property of SES.
--
dwmw2