} -----Original Message-----
} From: Scott Kitterman [mailto:scott(_at_)kitterman(_dot_)com]
} Sent: Sunday, April 29, 2007 12:50 PM
} To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
} Subject: RE: [spf-discuss] (SOLVED) SPF blocking e-mails coming from an E-
} card service server
}
} On Sun, 29 Apr 2007 11:57:34 -0400 "Guy" <spf(_at_)watkins-home(_dot_)com>
wrote:
} >} -----Original Message-----
} >} From: Scott Kitterman [mailto:scott(_at_)kitterman(_dot_)com]
} >} Sent: Sunday, April 29, 2007 11:32 AM
} >} To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
} >} Subject: Re: [spf-discuss] (SOLVED) SPF blocking e-mails coming from an
} E-
} >} card service server
} >}
} >} I would just like to say that I think that if we are going to have
} sites
} >} like
} >} e-card sites, what Dan is trying to do here is the right thing.
} >}
} >} Unless someone comes up with a way to request sign-up verification for
} an
} >} e-mail address without actually sending an e-mail, I think it's
} inevitable
} >} that someone will be able to attempt to sign someone up for an e-mail
} >} related
} >} service.
} >}
} >} Scott K
} >
} >Dan/e-card sites could generate a key and email address and request you
} send
} >the first email to register. The ecard could use SPF and whatever else
} to
} >verify that the email is not forged. Then it would send an email with a
} >confirm link or whatever they would normally do.
} >
} Wouldn't stop people from signing you up on the web for the signup mail.
How would you sign up with my email address if you had to send the first
email as me and the e-card used SPF?
} Our web site describes best practices for web generated mail. AFAICT, Dan
} has done all we asked and even donated code to make it easier for others
} to
} do the same. What he's gotten in return is a large ration of grief.
}
} Personally I'm very dissapointed in the community's reaction to Dan trying
} to do the right thing.
I don't think I am giving Dan any grief, if so, sorry. Just giving comments
or suggestions. And must of the thread is beyond me!
Guy
} If we need a best practice on validation of web entered e-mail addresses,
} let's write it up and get some consensus. Let's quit berating Dan for not
} doing stuff we haven't even bothered to write down.
}
} Scott K
-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com