spf-discuss

Re: Request for Input on the meaning of "pass".

2005-06-02 17:25:54
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alan Maitland wrote:
> Reading through the really great messages prior to my own, I have two
> comments for Julian Mehnle -
> you almost won me over with your argument, right up to this paragraph:
> | Again, what's the difference between one being authorized to use a
> | domain and one's use of a domain being authentic?  Are you saying that
> | there are people who are authorized to use a domain, but whose use of
> | that domain isn't authentic?  In other words, are you saying that the
> | concept of authorizing people to forge a domain is meaningful?
>
> I think the resistance to your argument and other like arguments tends
> to come from an *unauthorized* use (e.g., a worm/virus infection or
> deliberate employee sabotage) that may happen without the knowledge
> and/or the permission of a domain owner who is otherwise certain about
> their SPF record (to the degree they publish as -all).

When you are saying "*unauthorized*", do you mean that abuse of a user's 
access to a domain identity (e.g. MTA credentials) without the user's 
consent should be considered as "unauthorized" with regard to SPF?  Does 
that mean that no IP addresses should be _authorized_ that could, ever, 
potentially emit mail that "abuses" the domain?

Or are you saying, like Dennis Willson, that mail sent from a legitimate 
user's machine by a virus should be considered authorized, but not 
authentic?

> While the owner might control both the domain and the DNS SPF record,
> they are not omniscient and cannot stop all internal and external network
> attacks.

True, but this is not the point.  Please name any _authentication_ method 
whatsoever that can reliably detect that a user hasn't _personally_ typed 
the message into the keyboard and pressed the "send" button, but that a 
virus on his machine sent the message.  Not even PGP can do that, yet 
everybody seems to agree that PGP can assert authenticity.  I don't see 
the fundamental difference, though.

What about "viruses" that operate with the full knowledge and intent of the 
user?  Should not the domain's reputation be able to suffer from that?

Or would you go so far as to challenge the concept of reputation 
altogether?

> and also for Julian:
> | So then what are the "Neutral" (?) and "SoftFail" (~) results for?
>
> To me, Neutral (?) screams out "don't conclude anything about this
> message because I am not at all convinced of the veracity of my
> published record or SPF is important to me, but my environment won't let
> me publish a SoftFail or -all".

Saying "v=spf1 ?a ?mx ?all" just for the sake of being able to publish SPF 
at all?  What's the point of that?

I thought the point of "Neutral" (?) was to be used for exactly those IP 
addresses which should not be rejected because they are used by legitimate 
users of the domain, but which cannot be considered entirely secure (e.g. 
shared MTAs which don't protect against cross-user forgery).

What's the point of overloading "Pass" with "Neutral"'s meaning?

> SoftFail (~) says to me, "I am reasonably certain about my SPF record,
> but I am still testing or temporarily something has changed in my
> network and I don't want you to lose any mail because of that temporary
> change.  When it is permanently changed or reversed, I'll go back to my
> more authoritative (-all) record".

I roughly agree with that description of "SoftFail".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCn6OSwL7PKlBZWjsRAsR+AKCLwR5ZhcNIAchAoGHoT9zPLuMV1gCgtnCk
CKVgV2/f57DRPBzc4ZHGI8g=
=q9+M
-----END PGP SIGNATURE-----
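
Added example, not part of the original message or of any SPF implementation: a simplified evaluator showing how the qualifiers discussed above ("+", "?", "~", "-") turn the first matching mechanism into Pass, Neutral, SoftFail or Fail. The `hosts` parameter (a stand-in for DNS lookups), the sample addresses and the STRICT and TESTING records are constructed assumptions; only "v=spf1 ?a ?mx ?all" is taken from the message.

```python
import ipaddress

# Qualifier prefix -> SPF result; a mechanism without a prefix means "+".
QUALIFIERS = {"+": "Pass", "?": "Neutral", "~": "SoftFail", "-": "Fail"}

def evaluate_spf(record, client_ip, hosts=None):
    """Evaluate a simplified SPF record: all, ip4, ip6, bare a and bare mx.

    `hosts` stands in for DNS (hypothetical helper input): {"a": [...],
    "mx": [...]} lists the addresses the domain's lookups would return.
    The first matching mechanism decides; its qualifier names the result.
    """
    hosts = hosts or {}
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "None"                      # no usable SPF record
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6") and arg:
            try:
                matched = ip in ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "PermError"         # malformed network
        elif name in ("a", "mx") and not arg:
            matched = any(ip == ipaddress.ip_address(h)
                          for h in hosts.get(name, []))
        else:
            return "PermError"             # outside the subset handled here
        if matched:
            return QUALIFIERS[qualifier]
    return "Neutral"                       # nothing matched, no "all" term

# Constructed sample data (documentation address ranges).
HOSTS = {"a": ["192.0.2.1"], "mx": ["192.0.2.10"]}
STRICT = "v=spf1 mx ?ip4:198.51.100.0/24 -all"  # shared MTA range marked "?"
TESTING = "v=spf1 mx ~all"                      # owner still testing
ALL_NEUTRAL = "v=spf1 ?a ?mx ?all"              # record quoted in the message

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7", "203.0.113.9"):
        print(ip, [evaluate_spf(r, ip, HOSTS)
                   for r in (STRICT, TESTING, ALL_NEUTRAL)])
```

With the all-"?" record every sender address evaluates to Neutral, so a receiver learns nothing that distinguishes the domain's own hosts from any other host.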