On Tue, 21 Jun 2005, Hector Santos wrote:
They are checking a COMPLETELY DIFFERENT identity than MFROM. Their
new identity might have some value, but it is not MFROM.
There is no new identity. If there are were a new identity in the picture
^^^
So true. I said "completely different than MFROM". Earlier I said
"identity ... derived from ... rfc2822". So the identity is new in that
it is not identical to any rfc2822 or rfc2821 identity. But it is
derived from rfc2822, and so not new.
The moral objection to MS is not the idea of SenderID, or the PRA algorithm,
but their proposal to use SPF classic records which check
IPs for MFROM, and use them as if they checked IPs for PRA.
As to technical objections, the best way to test claims that "it won't work"
is to actually use it. So I'm all for MS rolling out SenderID, but
vandalizing the nearly 1 million SPF classic records in the process
is reprehensible (but typical for MS). It's not even "utterly"
reprehensible, like blowing up thousands of people - just "reprehensible"
(also typical for MS).
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.