[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] Re: Disaster looming: SPF

To: asrg at ietf.org
Subject: Re: [Asrg] Re: Disaster looming: SPF
From: Devdas Bhagat <devdas at dvb.homelinux.org>
Date: Fri, 10 Dec 2004 00:25:00 +0530
In-reply-to: <41B84860.355F@xyzzy.claranet.de>; from nobody@xyzzy.claranet.de on Thu, Dec 09, 2004 at 01:43:12PM +0100
List-archive: <http://www1.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
Mail-followup-to: asrg at ietf.org
Notice-requested-upon-delivery-to: devdas@dvb.homelinux.org
References: <20041126111000.GU31887@f-prot.com> <200411270654.iAR6scF14204@panix5.panix.com> <41A91C8C.59BE@xyzzy.claranet.de> <41B2630F.7040601@elvey.com> <41B3AC8C.267@xyzzy.claranet.de> <41B81DE3.9050204@elvey.com> <41B84860.355F@xyzzy.claranet.de>
Reply-to: Devdas Bhagat <devdas at dvb.homelinux.org>
Sender: asrg-bounces at ietf.org
User-agent: Mutt/1.2.5.1i

On 09/12/04 13:43 +0100, Frank Ellermann wrote:
> Matthew Elvey wrote:
> 
> >> SPF is simply a way to enumerate all IPs of
> >> MTAs using HELO do.ma.in or MAIL FROM:<user at do.ma.in>
> 
> > The drafts claim to do a lot more than that.
> 
> The essence is PASS - INCONCLUSIVE - FAIL, and for a given
> domain and SMTP dialogue any IP is in exactly one of these
> sets.  Yes, the drafts allow to construct per-user-policies
> where the LHS can play a role, and there are a lot of more
> or less useful subcategries of INCONCLUSIVE like "none",
> "unknown", "softfail", "temperror", and "permerror", but
> the essence is PASS - INCONCLUSIVE - FAIL.
> 
> > SPF is marketed as a way to identify and discard junk email.
> 
> That's like most marketing beside the point.  I'm very unhappy
> if somebody markets SPF as FUSSP, because it's not.  Getting a
> PASS is easy, only a PASS in cojunction with white lists makes
> sense.  The real power of SPF as stand-alone solution is FAIL.
> Spammers can avoid a SPF FAIL.  That's no bug, that's the idea.
> 
> >> How do you define "power user", direct-to-MX maybe ?
> > No, see comment*.
> 
> If your definition of "power user" is "anybody with more than
> one address", then my vintage '97 MUA has no problem with SPF:

What about using multiple .forwards or equivalent? Or people using the
bounce feature in mutt?

Devdas Bhagat

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann

References:
- [Asrg] "worm spam" and SPF
  - From: Fridrik Skulason
- Re: [Asrg] "worm spam" and SPF
  - From: Seth Breidbart
- [Asrg] Re: "worm spam" and SPF
  - From: Frank Ellermann
- [Asrg] Disaster looming: SPF
  - From: Matthew Elvey
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann
- Re: [Asrg] Re: Disaster looming: SPF
  - From: Matthew Elvey
- [Asrg] Re: Disaster looming: SPF
  - From: Frank Ellermann

Prev by Date: Re: [Asrg] Re: Disaster looming: SPF
Next by Date: Re: [Asrg] Re: "worm spam" and SPF
Previous by thread: [Asrg] Re: Disaster looming: SPF
Next by thread: [Asrg] Re: Disaster looming: SPF
Index(es):
- Date
- Thread