-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dick St.Peters wrote:
[...] SMTP practice was (and mostly still is) simply to do what postal
mail has done for many years before email existed. I, for one, still
think it's the Right Way, and I use SRS when forwarding only because I
have to in an SPF'd world. In the long run, "Modify MAIL FROM" will be
the doomed strategy because it amounts to lieing about whom the mail is
from.
Just as well as SMTP is modeled after postal mail, the envelope sender
address being fakeable is what makes both of them susceptible to abuse.
(The only difference being that SMTP is significantly cheaper to use and
abuse.)
Fixing postal mail is outside of our reach, however fixing SMTP isn't.
If the MAIL FROM address keeps being fakeable, it is doomed to become
meaningless.
+1
fakeable = untrustworthy ==>> ignored
-dgl-
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735