On Sun, Jan 25, 2004 at 12:52 +1300, Ewen McNeill wrote:
SPF does seem to be a useful step though, as it'll reduce the number of "joe jobs". And hopefully also encourage more people to set up SMTP AUTH and the like.
This proposal got a once over from some interesting names, Dave Crocker http://www.interesting-people.org/archives/interesting-people/200306/msg0008... Brad Templeton, http://www.interesting-people.org/archives/interesting-people/200310/msg0013... who agrees with Simon and Ewen regarding its benefit, "It is very worthwhile as a system to stop people from forging your domain in their envelope-from address, and that's good for you, since it might reduce the amount of complaints you get about spam sent in your name." And points out its limitations... "In addition, this system can only authenticate the envelope sender domain, not the "From:" header on an E-mail. (If it tried to authenticate the From header, it would break mailing lists and legitimate relays.) As such, it may not even defend against many forgeries. And not have much luck on viruses either." And Steven M. Bellovin "(Note that although I'm a member of the IESG, I'm speaking as an individual. I'm not even saying how I'd vote if this document were to come before the IESG today -- IESG evaluations are a deliberative process, and I could very easily be talked out of some or all of my points.)" chimes in, http://www.interesting-people.org/archives/interesting-people/200401/msg0003... with a number of points including Don's regarding TXT RR: "The most glaring problem with SPF is the use of TXT records. TXT records are supposed to be free-form text, with no semantics attached. The use of TXT for test purposes is understandable (though regrettable -- an experimental record type code would be better); the use of TXT records for textual error messages is not. The document itself notes the problem of ordering of multi-record messages."
Ewen
Hamish. -- I never would believe that Providence had sent a few men into the world, ready booted and spurred to ride, and millions ready saddled and bridled to be ridden. -- Walt Whitman, American poet