spf-discuss
[Top] [All Lists]

[spf-discuss] SPF Platform

2006-01-16 15:21:29
I see two areas where SPF needs to move ahead.  

1) Myths and misconceptions in the media.  My experience on the SPF-help
site has been an eye opener.  Keeping the FAQ updated and accessible is
very important.  (I need to check the current FAQ on the new site for my
list of common questions.)  Examples:

 1a) The most common misconception is that people think that there must be
a central site somewhere that decides which mail to reject.  (Like an
RBL, and would I please remove them from the "blacklist".)  The concept 
of *Sender* policy is difficult to get across to Joe Enduser.

 1b) Mail servers supporting "vanity" domains (which are actually a
requirement for a small business to maintain a professional image) should
support SMTP AUTH.  This is the easiest way for end users to send SPF
authenticated mail from their small business from home.  (Other solutions
include SSH tunnel, VPN, and including ISP in SPF record.)

 1c) SPF is *not* Sender-ID.  When Hotmail says "this messages cannot be 
verified by Sender-ID", contacting the SPF help line won't help (other
than explaining why Sender-ID is less than useful as implemented).

 1d) You cannot check the connect IP of your gateway server for SPF - 
unless your goal is to accept only spam mail.  You must treat non-SRS 
forwarders (that you have authorized) as gateway servers.

2) Integration with other protocols.  I have a prototype GOSSiP based
reputation service running.  I would like to see a light weight easily
deployed "stub" DNS server for integration with SES.  When SPF classic is
finally *the* RFC for basic SMTP envelope authentication (or authorization
- I don't want to get into that argument), I want to see support for
listing which rfc2822 authentication protocols the senders also supports
in the next version.

3) I am relatively clueless about the RFC process.  Make sure you vote in
one of the 5 who isn't.  :-)

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com

<Prev in Thread] Current Thread [Next in Thread>
  • [spf-discuss] SPF Platform, Stuart D. Gathman <=