On Mon, 21 Feb 2005, Martin G. Diehl wrote:
I know and agree that the entire point of the SPF initiative
is to eradicate SPAM. It will probably also make it very
Wrong. The entire point is to eradicate forged email. Actually,
SPF only attempts to eradicate MAIL FROM forgery. Other protocols
like Domain Keys (and, dare I say it, SenderID) are tackling forgery of
RFC2822 headers.
Can SPF disrupt the delivery of valid eMail?
No. It only disrupts the delivery of email with forged MAIL FROM.
Unfortunately, some people have become accustomed to forging their email,
and complain bitterly when required to say where they are really sending it
from. (Ok, ok, I'm anthropomorphizing. A user might not realize that
the software they rely on forges mail - and are simply frustrated when
their email starts getting returned with mysterious errors mentioning strange
terms like unauthorized IPs, domains, and SPF.)
Have we considered how SPF might disrupt the delivery of
eMail that is not SPAM?
No, because SPF is about MAIL FROM forgery. SPAM is only peripherally related
in that authenticated MAIL FROMs are useful for whitelists, blacklists,
and domain reputation systems - which can be used to reduce spam.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.