-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hector Santos wrote:
From: "Scott Kitterman" <spf2(_at_)kitterman(_dot_)com>
I can't speak for anyone else, but since I've published a -all record, the
number of bounce messages I've gotten due to forgery of my domain names
has
gone to essentially zero (about one per week rather than dozens/hundreds
per
day). SPF works to do what it was designed to do. Reputation has NOTHING
to do with it.
I've been saying since day one - Relaxed polices are bad and it invites
trouble. As long as the relaxed provisions is around, SPF will always be
plaqued with the same issues that SMTP had with its loopholes for decades.
SPF has help closed a hole in SMTP, yet, left a window cracked open. It
never made sense to me.
In my opinion, I highly suggest at the next opportunity to begin having a
"limited" or expiration concept for the relaxed provisions. Allow them for
legitimate systems to migrate, but it can't be a perpetual policy.
In essence I agree with you (we publish strict), but I do not agree
with your conclusion.
There is a valid place for relaxed provisions during the transition
period, but it is the reputation systems that will result in the
actual change, not any arbitrary time limit.
Since relaxed provisions still say "this might be from us" forged
mail will count against reputation in any well designed reputation
system. This is obviously against the interests of the publishing
entity, so most publishers will gravitate toward strict policies
wherever they can.
However, since reputation systems are not part of SPF, I expect this
will take a while.
- --
Daniel Taylor VP Operations Vocal Laboratories, Inc.
dtaylor(_at_)vocalabs(_dot_)com http://www.vocalabs.com/
(952)941-6580x203
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCw+618/QSptFdBtURAhH5AJ9lzN8ImnJOw0KJ3ruXtea2ClGIbwCcCbXT
ZAGDqC5GywO6PYr91ipjOLM=
=9Ahy
-----END PGP SIGNATURE-----