IETF Logo Mail Archive

Re: [Asrg] misconception in SPF

Dave Crocker <dhc@dcrocker.net> Sun, 09 December 2012 15:02 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F4F921F85C6 for <asrg@ietfa.amsl.com>; Sun, 9 Dec 2012 07:02:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g-HS0C-tGWcK for <asrg@ietfa.amsl.com>; Sun, 9 Dec 2012 07:02:21 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 6BD2521F8538 for <asrg@irtf.org>; Sun, 9 Dec 2012 07:02:21 -0800 (PST)
Received: from [192.168.1.9] (adsl-67-127-190-125.dsl.pltn13.pacbell.net [67.127.190.125]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id qB9F2JZO015869 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <asrg@irtf.org>; Sun, 9 Dec 2012 07:02:20 -0800
Message-ID: <50C4A7F8.3010201@dcrocker.net>
Date: Sun, 09 Dec 2012 07:02:16 -0800
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20121206212116.10328.qmail@joyce.lan> <50C1A95A.5000001@pscs.co.uk>
In-Reply-To: <50C1A95A.5000001@pscs.co.uk>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Sun, 09 Dec 2012 07:02:20 -0800 (PST)
Subject: Re: [Asrg] misconception in SPF
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net, Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 09 Dec 2012 15:02:24 -0000

On 12/7/2012 12:31 AM, Paul Smith wrote:
> While I agree totally, I understand the OP's point about semi-tech-savvy
> people being more trusting of Twitter mail coming from
> 'bibble.twitter.com' than if it came from 'random.ru'


Strange thread.  Mostly seems to be based on using SPF in ways that it 
is not designed to be used.  It's always problematic to criticize a 
technology for failing to provide services that it is not intended to 
provide.

An essential point, above, is worrying about "semi-tech-savvy people".

First, SPF is not for end-users.  It is for receive-side operators and 
their filtering engines.

Second, embedded technologies, like SPF, cannot be mail fool-proof 
against poor use by operators who misunderstand one or another aspect of 
the technology.  Better software and better documentation are the best 
one can do for them.

This thread seems a bit like worrying about the inability of an 
automobile braking system's failure to prevent the driver from running a 
red light.

Absent a concise and compelling summary statement of the problem at 
issue here, I suggest terminating this fruitless thread.

d/

-- 
  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net

v2.23.0 | Report a Bug | By Email