Re: [Asrg] misconception in SPF

Dave Crocker <dhc@dcrocker.net> Mon, 10 December 2012 16:35 UTC

Return-Path: <dhc@dcrocker.net>
X-Original-To: asrg@ietfa.amsl.com
Delivered-To: asrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4FBD21F8523 for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 08:35:38 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.551
X-Spam-Level:
X-Spam-Status: No, score=-6.551 tagged_above=-999 required=5 tests=[AWL=0.048, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ac3TXaQs3V-Y for <asrg@ietfa.amsl.com>; Mon, 10 Dec 2012 08:35:38 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by ietfa.amsl.com (Postfix) with ESMTP id 1D88121F84FC for <asrg@irtf.org>; Mon, 10 Dec 2012 08:35:38 -0800 (PST)
Received: from [192.168.1.9] (adsl-67-127-190-125.dsl.pltn13.pacbell.net [67.127.190.125]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id qBAGZakI012512 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 10 Dec 2012 08:35:37 -0800
Message-ID: <50C60F53.20608@dcrocker.net>
Date: Mon, 10 Dec 2012 08:35:31 -0800
From: Dave Crocker <dhc@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/17.0 Thunderbird/17.0
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20121206212116.10328.qmail@joyce.lan> <50C1A95A.5000001@pscs.co.uk> <50C4A7F8.3010201@dcrocker.net> <CAFdugamTbTirVV2zXKOmc9oTaCS+QiTemhT=jvYJnHYscHQK7g@mail.gmail.com> <0D79787962F6AE4B84B2CC41FC957D0B20ACE6D0@ABN-EXCH1A.green.sophos> <20121209213307.D90C12429B@panix5.panix.com> <CAFduganBR_E-ui-3Xbic6F7qSmg1-Q+ideXLvb+1isLz8OF0Nw@mail.gmail.com> <CAJ4XoYd_2z+Tr9ydM0Uoy+0=NtNLX9x3Sdy-Pat9w1kiEXw_gA@mail.gmail.com>
In-Reply-To: <CAJ4XoYd_2z+Tr9ydM0Uoy+0=NtNLX9x3Sdy-Pat9w1kiEXw_gA@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Mon, 10 Dec 2012 08:35:37 -0800 (PST)
Subject: Re: [Asrg] misconception in SPF
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: dcrocker@bbiw.net, Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Dec 2012 16:35:38 -0000

On 12/10/2012 6:22 AM, Dotzero wrote:
> On Sun, Dec 9, 2012 at 6:39 PM, Christian Grunfeld
> <christian.grunfeld@gmail.com> wrote:
>>
>> At my institution I have told my users to check mail headers whenever
>> possible.
>
> Not a very scalable solution for the community at large even if it
> were a good use of their time.

It is much worse than merely being not scalable.  It doesn't work at 
all, for anyone.  Absent diligent and continuing training, human 
attention-related behavior decays rapidly, to a steady state that is, at 
best, highly erratic.  Expecting /anyone/ to be attentive in the way 
described above is not realistic.  Ever.  For anyone.  No matter their 
skill level.


> Is manually checking email headers a very good use of their time?

Right.  This highlights that even if people could be expected to perform 
the task properly and always, it would be more expensive than it is worth.

d/

-- 
  Dave Crocker
  Brandenburg InternetWorking
  bbiw.net