[Asrg] Re: SPF abused by spammers

[Frank Ellermann <nobody at xyzzy.claranet.de>]

Markus Stumpf wrote:

> Microsoft claims IPR (which they did even before the group
> was chartered, btw, but everyone ignored it).

Not really,  May 20: draft-atkinson-callerid-00 published.
May 21: ASRG co-chair resigns.  May 22: IPR complaint filed.

> We have a second trump card, we play ... SPF. Tataaaa.

Sure, there's nothing wrong with spf2.0/mailfrom as long as
you don't confuse it with the FUSSP.  In theory spf2.0/pra
could also make sense if they fix their "patented" algorithm
to read four mail headers for some common cases.

> We still don't have "the anti spam solution", but hey,
> who cares or realizes this.

I care.  Back to zero bounces / out-of-office / vacation /
challenges / broken NDRs / Symantec announcing its ignorance
to the e-mail world at large / etc. per day as it was in 2003.

Instead of 1000 useless mails caused by forgeries per day.
You need a modem account and a catch-all vanity host to feel
the difference.

> everyone always says "this is the way to go", so nobody
> asks where the way will really lead to.

Again not really.  I still like your MTAMARK idea, and it's
also very interesting to watch SURBL.  And even C/R systems
could work in combination with a spf2.0/mailfrom PASS.

                          Bye, Frank



_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg