David Woodhouse wrote:
On Fri, 2005-07-08 at 15:23 +0200, johnp wrote:
You seem to be confusing mail-lists and forwarding. The two scenarios are *totally*
different.
They are different, but there are massive similarities. What makes you
think I'm confused? Did you also think I was confusing IP routing and
forwarding when I mentioned that? Or do you have the same problem as
Terry has with analogy?
You said it yourself - "they are different" - therefore the analogy is totally
unreliable.
I think you're confused because you keep re-iterating the same lame arguments all the
time, without bringing any new facts to support your opinion. If you were not confused,
you would be able to substantiate your claims with hard evidence.
You appear to be the only person with a problem with analogies - maybe you can do some
exercises in the art, using forwarding as an analogy for forging.
When I join a mail-list I am aware of the fact that the headers will
be adjusted to suit the mail-list. If I don't like that I can choose
to not join the list. That is a totally different thing to a forwarder
forging my domain without my knowledge or consent.
When you post mail to an address on the Internet, outside your own local
domain, you know perfectly well that it _might_ be one of the millions
of addresses which actually get forwarded to a real mailbox elsewhere.
No - you are wrong. I will assume that you are using "you" in the form meant to indicate
"anyone" - not me personally. The normal English for that is "one". You cannot assume
that the sender "knows" that his mail might be forwarded. I am unsure of the ratio of
direct mail to forwarded mail, but I have a memory of something like 1% being forwarded.
That would mean that a sender would be entitled to consider his mail unlikely to be forged
except in 1% of cases - hardly a basis for your assumption.
If you don't like that, then you can choose not to post to addresses on
the Internet.
You are being facetious again. The whole idea is that SPF will allow people to originate
e-mails and be able to relax in the knowledge that their domain will not be forged by
*anyone* - genuine forwarder or malicious persons alike. There is no such thing as
"acceptable forgery".
I could just as well argue that the _mailing list_ is 'forging' my name
without my knowledge or consent. Yes, if I have a modicum of clue I
should have _known_ it was going to happen. It's always been like that
and I'd be silly to think I could change it. And the same goes for
forwarding.
Not true - when you signed up to the mail list you will have been fully aware because you
went through a process of reading and agreeing with the mail-list rules.
Your attempts to draw parallels between mail-lists and forwarding point to some serious
confusion in your thinking on this topic. Perhaps you would like to read up more
concerning these uses of e-mail before trying to demonstrate any more seriously flawed
analogies.
I haven't argued that normal forwarding is necessarily a good thing. If
you want to impose a massive change to the status quo, the overriding
reasons definitely need to come from your side. I'm merely observing
that you're tilting at windmills if you ask the world to change _just_
to work around flaws in your original design, in the absence of any good
reason why it was broken in the _first_ place.
That is like saying that we should allow people to drive without seatbelts because they
have been doing so for many years. But the reality is that e-mail has shown itself to have
several flaws, which now need to be resolved. Forwarding is one of them.
Basically you are wrong. Forwarding without sender rewriting is
forgery and will die in due time.
I await the replacement for RFC2822, and the ubiquitous deployment of
SRS, with eager anticipation. Good luck with that windmill :)
SRS is not up for discussion here - only SPF. There's a clue in the mail-list
name.
Slainte,
JohnP