Rob MacGregor writes: > That would be a surprise to the SPF folks, and the steady progression > of folks who're implementing it ;)
Over the years a lot of things have been surprises to the SPF folks. I'm sorry for the misinformation, but the SPF promoters have been guilty of "excessive optimism" themselves. As for folks who implement these nostrums, they'll try anything. (I don't think that's wrong, stupid, or lazy. I just don't see it as a signal that the nostrum-du-jour is useful.) > SPF and DKIM solve 2 different parts of the problem of forged emails. > Neither provides complete coverage, together they work well. Please explain. AFAICR, neither works very well with mailing lists because they're both designed on the assumption that the endpoints are directly connected (in the sense that intermediaries like Mailman must be pure relays and not add anything to header or payload). You can say that Mailman lists with value-added should re-sign, but that doesn't play very well because mailing lists are somewhat like common carriers. Making the Mailman list responsible for spam etc (which is what re-signing does) is going to kill a lot of discussion lists. ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
