From: Frank Ellermann [mailto:nobody(_at_)xyzzy(_dot_)claranet(_dot_)de]
Sent: Wednesday, September 14, 2005 10:07 PM
Seth Goodman wrote:
very unlikely to find any "new" argument for this troll.
As you can imagine, nobody likes being called a troll.
I use "troll" in the old sense of "highly controversional
topic resulting in a thread were all posters repeat what
they have said more than 100 times before". It's nothing
personal, I don't even recall who started this "troll"
(see subject), he probably enjoys our efforts to feed it.
Apology accepted. It's not a good idea to call someone a troll in public
unless you mean it.
I believe the thread was started by David posting a 2822 header proposal to
solve the forwarding problem. He was not trolling, it was just an idea that
he had and he decided to stick his neck out and present it to the group.
Good for him. People on this list have varying degrees of experience with
SPF and email protocols. It's not just for experts. The way the archives
are set up, it's not exactly reasonable to expect a newcomer (or anyone
else, for that matter) to search for previous discussion on a topic. That's
our problem, not theirs.
That "SPF does not work because forwarders don't like it"
horse is dead, so kicking it is IMHO no fun. Bye, Frank
Your point is valid, but there is no need to exaggerate. Recognizing that
SPF currently has a problem with forwarding, which is a small portion of
total mail traffic, is very far from saying "SPF does not work". While some
of SPF's very vocal and well-known detractors do say that (or "SPF is dead",
to be more accurate), they tend to keep these self-serving and technically
weak statements to their own lists where they safely preach to the
converted. IMHO, their criticisms are not technically strong enough to
warrant a serious reply, and they are arguably motivated by political,
rather than technical considerations. Yes, they have very big names in the
IETF and I have none, so this comment amounts to heresy. Their status
doesn't make them automatically right or immune to tunnel vision.
There _is_ a forwarding problem inherent in the SPF protocol architecture.
It will not kill SPF, but it has slowed down adoption significantly. It has
resulted in a large success in people publishing records and an equally
large failure in people utilizing SPF results on incoming, if they even
check for them. Unless you implement something like what Stuart has done
(create a user whitelisting system for forwarders plus provide local SPF
records for domains that don't publish but you want to whitelist), the best
you can do is to trust an SPF pass. Since spammers are among the early
adopters, this does not help all that much. The real value comes when you
can reject on SPF fail, but we're not there yet, largely due to the
forwarding problem.
This may have been discussed 100 times before (more like 1000 times), but
there is still not an agreed-upon solution that forwarders are willing to
adopt. This may be boring, but ignoring it won't make it go away.
--
Seth Goodman
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com