On Mon, 2007-08-27 at 14:58 -0700, Marc Perkel wrote:
[...]
> Some of the flaws in SPF
> The flaws in SPF are numerous and severalfold.
>
> * SPF breaks pre-delivery forwarding.
BTW the trivial solution to this problem is that your customers simply
add your mailservers to the SPF rercords.
> * SPF creates new categories of third class citizenship.
> * SPF doesn't actually address unsolicited bulk mail at all.
It was never designed for that. Alone this statement makes the whole
page propaganda.
> SPF hijacks existing DNS mechanisms.
> Rather than creating a new DNS resource record type for the new data
There is a already new one.
The next propaganda statement.
[...]
> Ironically, the official SPF answer to the question of what SPF data
> to publish in these circumstances is, effectively, to not adopt SPF:
>
> > If you run a personal domain, you can either not publish SPF records
> > at all, or set up "v=spf1 +all" for your domain, and you'll be able
> > to send mail from your laptop no matter where you are.
So what?
This merely states that mail from that domain may come from every host
in the world.
This doesn't apply to my domains and so it doesn't disturb me.
Do I filter mail from a "v=spf1 +all" domain ?
Well, perhaps, why not?
But perhaps someone with a to high number of outgoing mail servers (Does
any ISP has 1K outgoing mailservers? Probably not.) gets only points for
SA.
I purposely didn't comment on the "DNS" arguments - they apply to much
more important services as well than "SPF". And no one cares there.
So why would I care for supposedly spoofed DNS for SPF?
<sarcasm>
I also miss further reasons in the line and quality of: One could
misconfigure with typos it so it *must* be a bad thing.
</sarcasm>
It boils down to the question: Why do SPF-haters wants to support forged
emails?
Bernd
--
Firmix Software GmbH http://www.firmix.at/
mobil: +43 664 4416156 fax: +43 1 7890849-55
Embedded Linux Development and Services
