Re: VGER does gradual SPF activation (FAQ matter)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Bernd Petrovitsch <[email protected]> wrote:
> On Sat, 2006-06-10 at 19:24 -0700, marty fouts wrote:

[...]

> > It doesn't work.

> It works if it is used correctly (as any tool in the world).

Right.

> The "problem" is that postmasters on the Net must do something

It took /years/ until open relays weren't common anymore... and that is a
/simple/ measure, on by default in newer upstream packages, no admin
intervention required. DNS works badly, here in Chile a mayor ISP had a
totally broken setup for many years.

>                                                                (namely
> 1) define if they want to allow others to detect forged emails claimed
> to come from their domain

They have /very/ little to gain by that, and setting it up correctly is a
mayor hassle. It breaks people sending mail "from" the domain when they
aren't there (this is rather common for people on the road), and has no
real fix. I.e., it won't ever be done. Or it will be tried, some email from
Big Cheese doesn't go through, and it will be axed.

>                           and 2) - if yes to 1) - to get appropriate SPF
> records into DNS)

Many people have no (or very little) control over their DNS data. A spammer
can then just claim it comes from one of the millions of SPF-less domains
in the world (if they don't set up their own SPFied one...). Besides,
discussions on the spamassassin lists show that SPFied email is a rather
reliable indicator of spam as things stand today...

>                   and people must either use a "good" mail relay (and
> not just the one next door) or convince postmasters to change the SPF
> records.

Won't happen.

> > It'll break standard-abiding email.

> As you see, standards change.

Yep. But SPF breaks email, not just changes the standard. For no gain at all.

> > Do you really want that?

> Yes. Especially gmail.com should do such a thing - there is such a lot
> of - presumbly forged - @gmail.com mails in my mailboxes that
> blacklisting the whole domain causes probably more good than bad (for
> me, of course).

There is spam that really comes from gmail...
-- 
Dr. Horst H. von Brand                   User #22616 counter.li.org
Departamento de Informatica                     Fono: +56 32 654431
Universidad Tecnica Federico Santa Maria              +56 32 654239
Casilla 110-V, Valparaiso, Chile                Fax:  +56 32 797513

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux