On March 12, 2024 5:37:47 PM UTC, Richard Clayton <rich...@highwayman.com>
wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>In message <d00c360a-0b4b-4353-9b9a-affd62890...@kitterman.com>, Scott
>Kitterman <skl...@kitterman.com> writes
>
>>Or, as RFC 4408 and RFC 7208 warn against, ESPs don't allow customers to send
>>mail for anything other than their own domains. ESP customers, don't use
>>ESPs
>>that do this.
>
>leaving aside how practical this advice may be and how it would be
>possible for anyone to accurately, a priori, determine the ESPs
>abilities to control their sending arrangements ...
>
>... there's also "clouds" -- where senders are documenting the entirety
>of the cloud's IP space as being a potential sending location. Although
>it might be possible to have DNS records track actual usage as resources
>are spun up and down there's obvious issues around caching.
>
>of course we might say not to use clouds that do that ... but the "that
>do that" part of the sentence would be superfluous
The first step to finding out how feasible it is would be to try it. I think
we're where we are because people haven't been even attempting to sort this
stuff out. SPF specifically, and email authentication in general, isn't
something magical. You actually have to make an effort to think it through.
Scott K
_______________________________________________
dmarc mailing list
dmarc@ietf.org
https://www.ietf.org/mailman/listinfo/dmarc
