> * No authentication scheme Bang on!
> People do, however, use it because there >currently is no realistic widely deployed alternative available. Those >that are currently available (e.g. SPF) are not widely deployed, and >in any case are far from perfect. Whilst we have no hammer, people will >keep using the screwdriver to drive in nails, and who can blame them? Another way of saying this is that every ISP who operates an SMTP server on port 25 which is willing to accept incoming email from unauthenticated sources is guilty of destroying the end-to-end model of the Internet and pushing us to a centrally controlled model where ISPs run walled gardens. It's that simple. --Michael Dillon
