-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alex van den Bogaerdt wrote:
On Sat, Dec 02, 2006 at 07:30:55PM +0000, Julian Mehnle wrote:
"?all" is for wimps and for those who are unable to clearly define
their e-mail sending infrastructure (which is bad). I recommend using
it only while testing your SPF policy.
[...]
People publishing "?all" only want to authorize certain hosts without
rolling out SPF over the rest of the (not: their) infrastructure.
That's what I said, isn't it? Wimps. ;-)
After all: ?all means "treat the rest as if no policy was published".
Right.
These people have understood what is published in RFC4408 very well,
and made a careful considered decision. They deserve respect for
thinking and playing by the rules.
I do respect wimps, but that doesn't make them any less wimpy. ;-)
I disagree with, but respect, people that see more in an SPF policy
than the specification says.
Right. Still I disagree with them on the choice of not publishing a
"completely defined" policy.
An SPF "PASS" does not mean: "the email is verified". It means
"the host was authorized" and nothing more.
Well, fine, then I'm going to just assume that "the host was authorized"
and _still_ apply domain-based reputation. If a domain authorizes hosts
to send abusive e-mail on their behalf, they _will_ get blacklisted, no
matter the amount of semantical hair-splitting you throw at it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFcemywL7PKlBZWjsRAiTeAKCj5Jh9xjtT85ead+4Ngp0+jzE5GwCgjcjC
MUrlIfemsQ6piP6gCIZVpNI=
=IFbw
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735