-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alex van den Bogaerdt wrote:
On Sat, Dec 02, 2006 at 09:01:37PM +0000, Julian Mehnle wrote:
Well, fine, then I'm going to just assume that "the host was
authorized" and _still_ apply domain-based reputation. If a domain
authorizes hosts to send abusive e-mail on their behalf, they _will_
get blacklisted, no matter the amount of semantical hair-splitting you
throw at it.

When I publish "+include:provider.example", I do not, I repeat: not,
authorize a host to send abusive e-mail. SPF is not about content.

I am fully aware of that. Still, by saying "+a:host", you are authorizing
host to send mail using your domain in the envelope sender, and if mail
with that domain in the envelope sender becomes increasingly abusive,
expect receivers to reject mail with that domain in the envelope sender.

Actually I find the remark "hair-splitting" insulting. If it is
not that important to you, you should not put so much effort in
getting it your way.

Whoa, slow down a bit! Saying that you are splitting hairs should not be
taken as an insult. I merely meant to say that I think you are seeing a
difference between
"I authorized this host to use my domain in the envelope sender"
and
"I authorized this host to use my domain in the envelope sender, and
I expect receivers to start rejecting mail from that domain if it
becomes increasingly abusive"
where I don't see such a difference. What does "authorization" mean if
others can't take you seriously for it?

When I authorize a host, I am not authorizing all of its users
to forge my name. You seem to think that I am. Well, as the
RFC clearly states, an SPF policy is about the host, not about
its users.

Whatever, this is not about the RFC, it is about what hosts you authorize
to send mail using your domain in the envelope sender.

If we went by your interpretation, then you could rightfully demand that
nobody reject even some theoretical kind of "HardPass" (meaning that
cross-user forgery is being prevented) if your domain is on an abuse
black-list, because after all you just authorized the host to send mail
using your domain, and not the runaway processes on that host or the evil
hacker that just hacked your machine.

I just don't see how this concept of yours can make sense. If you want
"Pass" to mean nothing but "You can send bounces here", then what is that
worth? If there was a cross-user forgery, the bounce would go to the same
domain, but still to an innocent victim.

No. If "Pass" (+) doesn't mean that I can apply reputation, then it is
worthless.

Additionally, instead of having to deal with billions of possible
forgers, most of them at providers I have no relationship with,
[even if cross-user forgery is possible,] I only have to worry about a
fraction of them.

Great! Only that doesn't say much for domains like aol.com, hotmail.com,
or gmail.com.

If my provider wants my money, they will remove malicious users. If they
don't, I will remove my money from them and stop authorizing their hosts.

The same goes if you take "Pass" to mean that domain reputation can be
applied.

If my provider sends mail in my name, send your bounces to me. I
authorized the host, thus I want to know about problems so that
I can act, and demand my provider acts as well.

Abuse doesn't get reported via bounces. Abuse gets reported via abuse@
addresses etc.

You say you can only authorize a host when you trust its keeper
to do the right thing using technical measures (that's how I
interpret it anyway.)

... or when you are prepared for your domain to get a bad reputation if
abusive stuff gets sent. There is no absolute trust.

However: If you rely on technical ways to prevent abuse, you could also
find yourself authorizing hosts sending spam.

Absolutely correct. And there is no way around that. No host is
absolutely secure. Not even PGP is absolutely secure: someone could steal
your private key or break the underlying crypto algorithm. Then what?
Wishing for "Pass" to only mean something that can be absolutely assured is
pointless. Either it means something useful, then there will always be
the risk of corruption, or its meaning is essentially worthless.

"Sir, how could I know he would steal our documents? I let him in here
because they said he was authorized to say he belonged to them, but now
they say he wasn't acting on their behalf!" -- What good is that?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFcg9JwL7PKlBZWjsRAivOAJ9epzsJc6ax+LtE8YRPuQ8h7+9IoQCfbl7m
NIBtLXfTec+UIlac+zIXTOs=
=15a3
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/