On Thu, 31 Jan 2008, David MacQuigg wrote:
I for one welcome any discussion relevant to SPF, and IP-based authentication
in general, but I am especially interested in how to make IP-based
authentication deliver on its original promise - an end to email forgery. If
SPF can solve the Forwarding Problem, the last excuse for senders will
disappear, and we may at last have universal, robust authentication.
There is no forwarding problem for senders. Any problems are caused
by the receiver, and while most forwarding problems receivers cause have
nothing to do with SPF, those that are related to SPF are easily avoided
by not rejecting due solely to SPF until the receiver resolves its problems.
That said, TENBOX and friends are good attempts to help large receivers
manage forwarders efficiently. My question is, since the receivers
with problems are the big ones with millions of users, why would they
listen to any proposed solutions from us?
Requirements for Solution to Forwarding Problems
1) Use IP-based authentication (signatures are a separate topic)
2) No cost or risk to Agents on Sender's side
3) Small cost or risk to Agents on Recipient's side
4) No lost mail
5) Effective
6) Minimum vulnerability to new attacks
+1 good list
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
http://v2.listbox.com/member/?member_id=2183229&id_secret=92668242-7d6234
Powered by Listbox: http://www.listbox.com