spf-discuss
[Top] [All Lists]

Re: Re: HELO versus MAILFROM results

2005-05-07 10:51:59
Daniel Taylor wrote:
Radu Hociung wrote:

Hector Santos wrote:


There are really several reasons why I oppose HELO checking with
SPF. Here they are, in order of importance, as I perceive it:

1. Checking HELO is unreliable, and may cause more mail bounced.


Nonsense.  What this suggest that ALL mail is deliverable.  It is complete
nonsense.  It there is a problem with a system, most, if not all, prudent
operations will quickly resolve the problem by correcting their system.
Most legitimate systems are NOT going to run a non-compliant server.

Please stop with the rtherotic.


Hector, I lost you here.

You're "proving" my thesis wrong by proclaiming your own theories as
correct. We will never make progress like this. You need to use PROOF to
show a theory wrong, unless very obvious it's wrong.

Of all, you are probably one of the most suited people here to come up
with RESEARCH to prove a theory wrong, given your position at
Santronics, which I understand develops mail software.

If I had log files that contained a meaningful sample size and (IP,
HELO, MAIL FROM, SPAM decision) information, I believe I could prove all
my points, but I do not have such log files.

So until you can counter my claims with some proof, I have no other sane
choice but to ignore your comments.


And vice-versa. You have hardly proven your points, you have simply made
assertions that many people here do not agree with.
Since SPF as currently implemented has clear advantages over not using
SPF you need to be clear and concise as to what changes you are really
looking for and provide convincing evidence that they are genuine
improvements over existing practice.

For myself, I really do not understand what changes you are proposing.
Yes, SPF is not a silver bullet to fix e-mail. I doubt that anyone who
is actually working with it believes that it is. But if you believe that
it needs to be changed it is up to you to explain your changes and prove
that they are an improvement over what we are already doing.

I will not be offering such proof.



Usually the burden of proof of validity of assertions is the duty of the
proponents and supporters of those assertions.

The assertion that is made is that HELO should be checked in addition to
checking MAIL FROM in all cases. It is this assertion that needs to be
proven.

This is a change introduced in the new draft, and as such it differs
from current practice.

In my view, it is the proponent's duty to offer proof of validity.


I was hoping that Hector would take chance to show to his customers,
some of whom may be reading this thread now or in the future, that he
has thoroughly researched the assumptions he makes in the software he
sells. I wouldn't have picked on him had he not strongly suggested that
I would have a foot-in-mouth problem (which is language that is not
appreciated, by the way).

I'm sorry to say, but the issue of HELO checking is subtle, and complex
at the same time, so if you do not understand why I am proposing to keep
functionality the way it is currently, I can't shrink it down more than
I have. Perhaps someone else who understands the issue will enlighten
you more than I can.

Regards,
Radu.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Read the whitepaper!  http://spf.pobox.com/whitepaper.pdf
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com