[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Asrg] Re: Disaster looming: SPF

To: "'Stephane Bortzmeyer'" <bortzmeyer at nic.fr>, Barry Shein <bzs at world.std.com>
Subject: RE: [Asrg] Re: Disaster looming: SPF
From: "Hallam-Baker, Phillip" <pbaker at verisign.com>
Date: Tue, 7 Dec 2004 10:39:02 -0800
Cc: asrg at ietf.org
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Sender: asrg-bounces at ietf.org

My concern about SPF is that it is now a legacy system and that people need
to understand that they cannot play with it as much as they would like. SPF
has seen extensive deployment and despite the issues that broke up MARID is
still backed by all the major ISPs and every major industry thought leader -
here including OSS as industry.

The only place SPF and Sender-ID are still disputed is in the academy.
Frankly my opinion on that quarter is the same as that of Dentrassi cooks on
subjects other than cuisine and mixing drinks.

The point about authentication is not that it will stop spam but that
providing an authentication mechanism is a pre-condition for deployment of
any scheme that moves beyond content filtering and blacklists.



> -----Original Message-----
> From: asrg-bounces at ietf.org [mailto:asrg-bounces at ietf.org] On 
> Behalf Of Stephane Bortzmeyer
> Sent: Tuesday, December 07, 2004 3:35 AM
> To: Barry Shein
> Cc: asrg at ietf.org
> Subject: [Asrg] Re: Disaster looming: SPF
> 
> 
> On Mon, Dec 06, 2004 at 06:57:10PM -0500,
>  Barry Shein <bzs at world.std.com> wrote 
>  a message of 23 lines which said:
> 
> > "if it's so great why do we only hear about it in these tiresome 
> > take-on-all-comers arguments but never seem to see it achieve any 
> > progress per se?"
> 
> What sort of progress do you want?
> 
> Active mailing lists? We have, they are even too active sometimes :-)
> 
> Working implementations. There are at least three (counting 
> only free software). http://spf.pobox.com/downloads.html
> 
> Domains publishing SPF: this is something that is in the 
> hands of the domain holders, of course. But when aol.com, 
> hotmail.com, gnu.org, pobox.com, amazon.com and freebsd.org 
> use something, you can safely say it has significant deployment.
> 
> Domains checking SPF: this is something that is in the hands 
> of the mail servers managers. Trackers
> (http://spf.idimo.com/how_to-s/how_to_track.html) seem to 
> indicate that many sites already do it.
> 
> A RFC: well, this one is on the TODO list...
> 
> 
> _______________________________________________
> Asrg mailing list
> Asrg at ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
> 

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- RE: [Asrg] Re: Disaster looming: SPF
  - From: Barry Shein

Prev by Date: [Asrg] Re: Please critique my anti-spam system
Next by Date: Re: [Asrg] Re: "worm spam" and SPF
Previous by thread: [Asrg] Spam solution requirements
Next by thread: RE: [Asrg] Re: Disaster looming: SPF
Index(es):
- Date
- Thread