spf-discuss
[Top] [All Lists]

Re: Sendmail white paper

2004-11-24 01:17:46
On Tue, 2004-11-23 at 23:54 +0100, Alex van den Bogaerdt wrote:
If you forward email to $somewhere, I do not wish to receive bounces
from $somewhere. I may not be able to communicate with $somewhere,
I have to business with $somewhere.  And I am not going to change my
mind just because you forward your mail.

Your right. Just as it is your right to cut yourself off from all
communication if you so desire and to wear your underpants on your head.

What I object to is the disingenuous SPF wizard which encourages others
to make the same decision, without warning them that they'll be throwing
away valid mail if they do. Perhaps it _is_ your right to deceive the
general public, but that doesn't mean that it _is_ right to do it.

Only yesterday I found someone who'd installed an SPF record after
looking at the SPF wizard, and without really thinking about it for
themselves. After I got them to look at what SPF actually does and apply
their _own_ brain rather than just using the wizard, of course they
removed the record.

Then they made a comment along the lines of "we just need email to be
signed by the outgoing mail servers, and the signatures checked by the
recipient". Which is of course true -- so I pointed them at DK and IIM.

Again I ask what was wrong with the alternatives? Why do you think you
need to make this particular change?

The alternative is to place a guard next to the backdoor and shoot
to kill.  I prefer the locks.  That means I can no longer just enter
my neighbours house, so be it.  It is sad but it is a reality.

I'm sorry, your analogy is lost on me. Why are DK and IIM and SES like a
guard with a gun? I think mine about IP and IPsec was better, even
though it wasn't perfect. Can you explain in more detail why you
wouldn't prefer to use a solution which doesn't have these problems?

-- 
dwmw2



<Prev in Thread] Current Thread [Next in Thread>