spf-discuss

Re: [spf-discuss] SPFv3 proposal: rawfail result

2011-02-03 12:13:18
On Sun, 30 Jan 2011, Michael Deutschmann wrote:

On Sun, 30 Jan 2011, Stuart D. Gathman wrote:
The forwarding you are concerned about is something only the
recipient can know about or initiate.  Why would a sender want a message
rejected if the recipient happened to forward it to another mailbox?

But not a senseless one.  A (non-VERP) sender who publishes "/all" is not
trying to break forwarding; he would be *accepting* the breakage of
forwarding in return for a much higher efficacy in suppressing forgeries.

So to paraphrase the semantics of "rawfail": even if a receiver does
not track their forwarders (a large legacy ESP, for example), rawfail
asks them to reject a message anyway.

And again, the key advantage of "/all" is not that many senders will use
it.  It's to ensure that recipients don't accidentally assign rawfail
semantics to "-all", a problem that has ruined SPFv1 by deterring senders
from publishing it.

That is a bogus argument.  No matter what you do, there will be receivers
that don't actually read the standard.  "Rawfail" will not help with that.
No one should avoid publishing "-all" because there are clueless receivers.
It is only by missing important email that they will get off their duff
and figure out what they screwed up (likely one of the common mistakes
listed on openspf.org).  Furthermore, the sender does get the reject, and
knows to take action.  (Receivers that throw SPF fails or any other reject
into the bit bucket are a hopeless case.)

I do see potential usefulness in requesting that forwarded messages get
rejected.  It could help ensure a direct transfer between sender and receiver,
reducing the likelihood of tampering (especially in conjunction with TLS
between the MTAs).  Although signed S/MIME is *much* more reliable, typical
end users couldn't generate a key pair to save their life.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
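
The receiver-side difference between "-all" and the proposed "/all" (rawfail) discussed in this thread, as an added example that is not part of the original post or of any SPF implementation. The function names, the forwarder list, the "tag" outcome for receivers that do not track forwarders, and the "v=spf3" version tag in the test data are assumptions made for illustration.

```python
import ipaddress

# Constructed sample data (documentation address ranges), not taken from the thread.
KNOWN_FORWARDERS = [ipaddress.ip_network("198.51.100.0/24")]
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral",
              "/": "rawfail"}  # "/" is the thread's proposal, not part of SPFv1

def spf_result(record, client_ip):
    """Evaluate only the ip4, ip6 and all mechanisms of an SPF-style record."""
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or not terms[0].lower().startswith("v=spf"):
        return "none"
    for term in terms[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(arg, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier]
        # a, mx, include and the rest need DNS lookups and are skipped here
    return "neutral"

def receiver_action(result, client_ip, tracks_forwarders):
    """Map an SPF result to accept / reject / tag for one receiver."""
    if result == "rawfail":
        return "reject"  # sender accepted forwarding breakage; reject regardless
    if result != "fail":
        return "accept"  # simplification: softfail, neutral and none are not handled
    if not tracks_forwarders:
        return "tag"  # assumption of this sketch: cannot tell forward from forgery
    ip = ipaddress.ip_address(client_ip)
    if any(ip.version == n.version and ip in n for n in KNOWN_FORWARDERS):
        return "accept"  # mail relayed by a forwarder the recipient set up
    return "reject"
```
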

