spf-discuss
[Top] [All Lists]

Re: SPF+SRS vs. BATV

2005-07-05 09:44:17
On Tue, 2005-07-05 at 12:31 -0400, John Hinton wrote:
I too had a -all record set up on one domain for 6 or 8 months. I did 
get several rejects. I made contact with some of these sysadmins to 
explain to them their errors. In about 50% of the cases, they didn't 
even know what it was, apparently it was just a 'on/off switch' to them, 
which looked like a good spam filter. I think there are going to be a 
LOT of these broken mailservers in the next year or so.

Yes. A lot of SPF advocacy has glossed over the problems which it
suffers in the real world. It's an unfortunate fact that once those
admins are forced to flip the 'on/off switch' back to 'off', they'll be
much more reluctant to try out other methods, which may have proved to
be much more useful and reliable.

I think my only choice is a ?all at present,


 followed by a ~all sometime 
in the future (as acceptance and testing is completed) and then -all 
once the world catches up. 

Right. And for the world to catch up, we really need everyone to be
doing SRS (or to have magically managed to list all possible forwarding
IP addresses despite the complexity of such a task). That's a long way
off, and as I said, will probably require RFC2821 to be updated to
mandate it.


I'm very much wanting SPF to become a 'defacto accepted internet 
standard' (i.e. actually used by largeISPs). But I am extremely 
frustrated and this has built over the months and gotten a lot worse in 
the last two weeks. I know this is my problem,  not yours, but I feel 
this is how a lot of the rest of the world must feel.

Given your frustration, do you mind if I ask you _why_ you want SPF to
become a standard? I came to the list about 18 months ago intending to
implement and advocate this shiny new thing, but soon changed my mind
when I saw how broken it was... so what made you choose SPF instead of
the myriad of alternatives?

-- 
dwmw2