spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Dealing with SPF problems

2005-04-04 22:28:17
from [Hector Santos] [Permanent Link] 

----- Original Message -----
From: "David MacQuigg" <dmquigg-spf(_at_)yahoo(_dot_)com>
Newsgroups: spf.-.sender.policy.framework.discussion
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Monday, April 04, 2005 6:04 PM
Subject: Re: [spf-discuss] Dealing with SPF problems



At 02:36 PM 4/4/2005 -0700, you wrote:

This is a problem SPF is going to continue having, and not just with
Blockbuster.  Other methods have similar problems - CSV insists that the
HELO name be properly set up, with special SRV records, etc.  Imagine the
sysadmin at Blockbuster trying to decide whether to use CSV, SPF,

SenderID,

DomainKeys, ...  It's no wonder the world is ignoring email

authentication.

This is a simple issue of a poor network administration setup.  Not an SPF,
CSV or any other issue.  The #1 requirement will become "No more laziness -
Get it setup right."  Otherwise, whats the use?


I suggest we give senders the option of declaring any identity they
please.  If they chose to use the HELO or MAIL FROM identity, they can do
that by adding a flag *ID* just after the name they want to declare.  If
they want something else, they can add a string ID=<name> to either the
HELO or MAIL FROM commands.


Like the SUBMITTER.proposal.

The issue with SUBMITTER is that you go back to square one which requires
across the board changes, in which case, we might as well do it right, nix
all the ideas or put them aside, move towards a new SMTP state machine with
tighter client/server negotiations and designed security around a solid
"no-loop" system.

You can't kludge a solution into a broken system when backward compatibility
is still the #1 mandate.  You can't have it both ways.

The chain of trust must be considered in all proposals David:

        MUA --> MSA ---> MTA ---> ..... ----> MDA

For a SUBMITTER like ideas,  a SUBMITTER=change is required  for each
domain::ip relationship change or transition along the path.  It inherently
implies  each node in the chain must be compliant with SUBMITTER.

Sincerely,

Hector Santos, CTO
Santronics Software, Inc.
http://www.santronics.com
305-431-2846 Cell
305-248-3204 Office
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Dealing with SPF problems, dejanspf
Next by Date:  Re: Dealing with SPF problems, Hector Santos
Previous by Thread:  Re: Dealing with SPF problems, Stuart D. Gathman
Next by Thread:  Re: Dealing with SPF problems, Leonard Mills
Indexes:  [Date] [Thread] [Top] [All Lists]