spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Where is SPF?

2004-12-07 08:16:52
from [John Hinton] [Permanent Link] 
John Hinton wrote:
I just checked pobox and it seems that all the news/info is pretty old right now. The noise level on this list is so great, that I must apologize, but I'm really lost as to just what is happening with SPF.
Could someone provide a link to the state of affairs, like is the standard submitted, what is the anticipated 'go-live' date and just a general overview of where we are at the moment and what we service providers should be doing?
Seems like a simple question that needs to be asked with all the tail spinning due the the M$ patents. Perhaps a weekly summary would be a good thing? I must apologize. I'm sure it is all there in the digests... but, I really have so much on me right now that I just don't have time to go back and read the whole archive. Meanwhile, January 1st approacheth! :)
Sorry to reply to my own post. I'm really surprised this only got one response.
I guess what bothers me is the 'word on the street' is SPF is no standard and so we aren't even looking at it and doubt that it will ever become a standard.
That said, I'm a small hosting provider with about 400 hosting accounts. I'm sorry, but I simply need a 'report' on the state of affairs. I just can't keep up with this list.
Now, before you go off and tell me to read the archives, I would suggest that we think about all the providers out there who are not on this list. They are totally blind as to what is going on. This does leave the door wide open for Microsoft to push its Sender-ID on all of us 'uninformed'. All they have to do is require sender authentication on hotmail and MSN, and I'll be forced to put up records so our clients can be properly served. Yes, I do know all 'I' have to do it put up SPF records, but those who are uninformed will likely be taken by some bounce message off to a howto on setting up a Sender-ID record.
I know (or hope I know) the main players out there are aware of SPF and seem to be heading in that direction. But, if we want SPF to become the defacto standard, I think we desparately need some public information on where SPF is right now. PR for SPF.... there seems to be none readily available right now (September news is very old and inaccurate now). Ever since the Sender-ID tailspin occurred, SPF has been disjointed and without a clear direction.
I also expect, that a sender authentication line in 'all' dns entries will become a must. Just like reverse DNS has become a standard for ISPs like AOL, we must have rev dns entries. Not a bad thing. I personally am looking forward to the day when AOL and others do start bouncing messages with no authentication record. At that point, I can start doing the same on my systems, perhaps 6 months later after the world catches up.
Now, I'm not trying to start a flame war please.... But instead, please understand that I desparately want SPF to succeed. I envision that success as hinging in having good information readily available to the general public. I know it will take work to put together, but this bit of work might be the only thing that actually keeps SPF alive and saves the huge number of hours of work already put into the project. I'm really concerned.
Again, please no flames... I'm not trying to be critical of all the work that has been done.. But when I post questions about SPF to other active lists, such as Whitebox EL, there is nothing but a baaa humburg coming back, with a 'it will never happen'. I personally think it IS going to happen, but I just don't want to see it happen as Sender-ID, and then in five or six years, when the whole world is on it, suddenly something about it is changed and you have to run an Exchange server to be compliant. (can you say IE? where is Netscape these days? can you say WordPerfect? and on and on).
Meng went a long way to try to bring on board major players. Some sacrafice was made. It blew up. That is the world of politics, particularly when dealing with a company that likely has more lawyers than developers. I commend Meng for his direction and insight in that world. Right or wrong, a system like this will not work if people don't use it. I just think it is time to have something for the people to read. Please help the public understand, so this open standards system can come to fruition.
And please, lets not pick this email to death on sniggly details (some of which might not be accurate as I'm lost at the moment), increasing the noise level on this list. I'm only trying to provide my insight as a very interested bystander, who is hoping to make good use of SPF. 

Respectfully,
John Hinton
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: RFC 2821 and responsibility for forwarding, David Woodhouse
Next by Date:  Re: Where is SPF?, David Woodhouse
Previous by Thread:  Re: Where is SPF?, Stephane Bortzmeyer
Next by Thread:  Re: Where is SPF?, David Woodhouse
Indexes:  [Date] [Thread] [Top] [All Lists]