Michael Deutschmann wrote:
An attitude I'd like to see stopped is the position that since
SRS patches now exist for most MTAs, administrators should
ignore the forwarding problem and just enable receiverside SPF
checking blindly.
SRS isn't the only available strategy, but otherwise I favour
"just reject SPF FAIL, blindly or otherwise". An occasional
pseudo-551 (= user not local) bounce is no big issue from my
POV as sender with a PASS / FAIL policy.
most recipients will "break" and demand receiverside SPF be
turned off before forwarders "break" and do SRS.
That's about receivers with a broken forwarding arrangement.
For various reasons (not only SPF) forwarding is an unpopular
service, and a common way to get a similar effect is to use
auto-POP3-polling.
this attitude will inspire some senders to unnecessarily
(from our POV) use "?all" in their senderside SPF to ensure
that their mail will go through
Yes, that's the old "SPF FAIL is not for cowards" attitude.
IMO it's okay if some publishers focus on getting PASS right.
It won't help them to eliminate forgeries, but at least they
get a PASS for almost all receivers - minus the few using a
legacy forwarder before the SPF check.
we need to accept that, for now, receiverside SPF can only
be deployed by and for mail experts who can identify and
whitelist all traditional forwarders.
IBTD.
Any reaction from the candidates to this position?
If somebody feels like it, Meng's old SRS draft is really old,
an update could make sense. The BATV folks recently revived
their old draft, maybe the SES fans are now up to the task to
publish their concept as ASCII plain/text.
But actually I think that SES is dead, all that's left is a
moving target claiming to be the better DKIM while talking
about DKIM, claiming to be the original BATV while talking
about BATV, and claiming to be better than SRS while talking
about SRS.
Which might be all true, but then it's not one "SES", but a
set of very different SES-variants, with no specification
to speak of at all. For a recent summary of my thoughts see
also
news://news.spamcop.net/45B2AA76(_dot_)7F9A(_at_)xyzzy(_dot_)claranet(_dot_)de
I think that the 2821bis WG Charter debate [1,2] is the most
important issue at this time. If the planned WG is bound to
keep ESMTP as is, then mail as we know it is doomed.
Frank
1: http://permalink.gmane.org/gmane.ietf.smtp/5178
2: http://permalink.gmane.org/gmane.ietf.smtp/5180
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735