On Sat, 2006-06-10 at 19:24 -0700, marty fouts wrote:
[...]
> Further, while there is an RFC for SPF, it is an RFC for an
> experimental protocol. In addition to what David points out in his web
> site, SPF is controversial, and is in competition with other
> approaches. (See RFC 4408.)
Not really: http://new.openspf.org/SPF_vs_Sender_ID
> It's not widely deployed.
However "widely deployed" is defined.
It is more widely deployed than any remotely similar proposed mechanism
(including and especially SenderId - which addresses actually another
problem).
> It doesn't work.
It works if it is used correctly (as any tool in the world).
The "problem" is that postmasters on the Net must do something (namely
1) define if they want to allow others to detect forged emails claimed
to come from their domain and 2) - if yes to 1) - to get appropriate SPF
records into DNS) and people must either use a "good" mail relay (and
not just the one next door) or convince postmasters to change the SPF
records.
> It'll break standard-abiding email.
As you see, standards change.
> Do you really want that?
Yes. Especially gmail.com should do such a thing - there is such a lot
of - presumbly forged - @gmail.com mails in my mailboxes that
blacklisting the whole domain causes probably more good than bad (for
me, of course).
Bernd
--
Firmix Software GmbH http://www.firmix.at/
mobil: +43 664 4416156 fax: +43 1 7890849-55
Embedded Linux Development and Services
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]
