[Top] [All Lists]

Re: [spf-discuss] How reliable is it to block/reject on SPF fail?

2009-12-01 07:28:34
Stuart D. Gathman wrote:
On Mon, 30 Nov 2009, Ian Eiloart wrote:

So, you'd probably want these domains hosted on some other mail server. Google
hosts my domain for free - I just pay the registration cost. I have a virtual
host, but can't be bothered to run my own mail server on it.

While this might be ok for a casual user, I don't want my mail traversing
google or any other provider in plaintext.  I suppose I could use S/MIME
or GPG, but TLS is no effort privacy measure that doesn't involve trying to
tell non-geek correspondents how to create a key pair.  When a
correspondent has a small office mail server supporting TLS, adequate privacy
is automatic.

+1: Trusting one's mailbox provider is fundamental.

There are commercial products that are "plug and play" email appliances. Unfortunately, the most popular ones have serious RFC and general stupidity issues (e.g. replying to DSNs, sending "you have a virus" replies to emails they have already identified as sent by a virus, invalid HELO name, etc, etc).

Back to Ian's car metaphor, these issues would compare to knowing the terrain, the roads, and the streets. Those appliances are buggy tom toms that users without further knowledge shouldn't rely upon.

Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ 

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com

<Prev in Thread] Current Thread [Next in Thread>