[Top] [All Lists]

Re: [spf-discuss] Re: Revising SOFTFAIL

2008-01-06 12:34:05
On Sun, 6 Jan 2008 10:59:56 -0700 Edmig <emgemgemg(_at_)gmail(_dot_)com> wrote:
On Jan 6, 2008 4:52 AM, Julian Mehnle <julian(_at_)mehnle(_dot_)net> wrote:

David Woodhouse wrote:

Of course the localpart can be a factor in the calculation of the
authentication result, but I know of no way that you can force a
recipient to make a distinction between the reputation of
'foo(_at_)domain(_dot_)com' and the reputation of 
'bar(_at_)domain(_dot_)com' short of
disowning one or the other.

True, there's no way to force receivers.  If they insist, they can always
choose to track reputation using only the coarsest granularity possible.
But it's always good to give them the _option_ to use a finer

I would say the option should go the other way.  A receiver shouldn't chose
*finer* granularity than what is specified by the sender, but under some
circumstances might want to chose *coarser* granularity.

"Granularity" if I understand the meaning as applied to domain names above,
should be chosen by the party most familiar with the situation at the 
- which accounts can be trusted, etc.  Legitimate enders will want course
granularity to maintain a large flow with a good reputation, and fine
granularity to isolate flows with bad reputations.  Spammers will want the
finest granularity possible - a new name for each session.

As applied to domain names, it might make sense for a receiver to *enlarge*
the granularity chosen by the sender, if for example, the sender wants one
IP per grain, and the receiver can see a block of IPs with a consistent
pattern of abuse.

No receiver is going to be bound by what a sender wants.  There are limited 
circumstancew where what the sender wants may be an input in what the 
receiver decides to do, but that's it.

Scott K

Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
Powered by Listbox: http://www.listbox.com

<Prev in Thread] Current Thread [Next in Thread>