On Wed, 8 Jul 2009, Stuart D. Gathman wrote:
V-SPF is a Receiver Policy helpfully provided by the Sender (RPS). SPFv1,
on the other hand, is a Sender Policy Framework. I see big technical
problems with V-SPF/RPS due the fact that senders can't possibly know
all the implementation details and company policies of all potential
receivers.
I agree with you that G-SPF is the better protocol. But that's not the
argument.
The problem is that, like Microsoft SenderID, V-SPF is compromising the
effectiveness of G-SPF by leading senders to be timid in their SPF records.
And V-SPF is worse than SenderID in practice. Because we've been shouting
them down from the start, there are not likely many receivers who apply
v=spf1 records to PRA. Yet even today, some people on this very forum appear
to believe that V-SPF is the correct protocol, and G-SPF is the heresy.
Unfortunately, we're probably not going to really heal this mess until
v=spf3.... The root of the problem was the belief that traditional
forwarders would quickly die, making the distinction irrelevant. That was
quite arrogant in retrospect.
And I see legal problems: what if a receiver doesn't execute the
V-SPF/RPS policy exactly?
No legal force backs either V-SPF or G-SPF. The worst that can happen is
that the receiver gets blacklisted for emitting backscatter that should have
been stopped cold by V-SPF fail.
But since backscatterer.org already pounces on <> mails to spamtraps with
every possible SPF status except pass, that would make no difference.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com