Re: VGER does gradual SPF activation (FAQ matter)

From: Alan Cox
Date: Mon Jun 12 2006 - 05:36:19 EST

Next message: Alan Cox: "Re: [Patch] Cyclades Cleanup"
Previous message: Catalin Marinas: "Re: [PATCH 2.6.17-rc6 7/9] Remove some of the kmemleak false positives"
In reply to: David Woodhouse: "Re: VGER does gradual SPF activation (FAQ matter)"
Next in thread: Bernd Petrovitsch: "Re: VGER does gradual SPF activation (FAQ matter)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Ar Llu, 2006-06-12 am 10:18 +0200, ysgrifennodd Bernd Petrovitsch:
> No. SPF simply defines legitimate outgoing MTAs for a given domain.

No it does not. If it did it would be almost a usable idea, but it fails
because the ISP generally controls the definition and the users are more
mobile so they want to send via other paths too. Going via the users
home box is often impractical because of firewalls and also ISP controls
like dynamic IP. It is a technical solution to the wrong problem because
it was designed by people some of whom are ignorant of the real world
and the other half of whom saw it as a differentiator and a further
profit potential.

Spammers *love* SPF because they can register 30 day knock down unpaid
domains and people score them as non spam.

ISPs *love* SPF because they can enforce policies that allow them to
charge even more to users who want to do anything interesting. The fact
many of them don't allow users to control their own domain SPF or get a
fixed SPF pointing at the ISP mailhost only is not entirely that they
haven't gotten around to fixing it either.

The people who suffer from SPF are unfortunately the users. The people
its alleged to stop like it. The people it is alleged to help run
filters get richer and the users get screwed.

For Vger it isn't too bad, it'll just break all the people relaying or
cc'ing vger mail to an ISP account, and probably those people Cc'ing it
to some HTML based list archiving sites.

I find Matti's comments about "first-class citizens" distasteful. What
do you want Matti, a world where you have to be "<--- this --->" 'L33T
to post email ? Knowledge and responsibility are not the same thing, as
usenet Approved headers showed.

SPF *would* be wonderful if the users controlled SPF handling and
someone fixed the forwarding flaws in it, but neither is the case today.

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: [Patch] Cyclades Cleanup"
Previous message: Catalin Marinas: "Re: [PATCH 2.6.17-rc6 7/9] Remove some of the kmemleak false positives"
In reply to: David Woodhouse: "Re: VGER does gradual SPF activation (FAQ matter)"
Next in thread: Bernd Petrovitsch: "Re: VGER does gradual SPF activation (FAQ matter)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]