On Monday 05 July 2004 12.51, Josselin Mouette wrote: > Nothing to do with the library, but I'm trying to understand the > protocol itself. If I understand correctly, the SPF prevents any > email from being sent outside the corresponding IP addresses of the > sender's domain. Am I wrong? > > If this is true, this is one of the most stupid ideas I've seen for > fighting spam. (wasn't this discussed in one of the recent spam threads here or on -isp?) SPF does nothing (almost) against spam. It can be used to fight certain forgery issues (where it would IMHO be better to just use PGP or S/MIME anyway) The only thing it can do is specify which IPs are allowed to send email with a certain domain part. And AFAICT it does this only for envelope addresses, anyway, and not for mail headers, so phishing attacks will still be possible (who looks at envelope addresses?). OTOH it *may* make sense for certain companies, they can say that their email is only to be sent over their network. But I am not clear what the benefit for those companies is. But it will really get used to force users of free web-email to use the web mail interface to send email *only* (so the banner ads can be seen...) And it breaks '.forward' style forwarding. You see, I really think it is a good and effective solution that will bring world peace and will feed the poor and ... (disclaimer: I have not really made myself familiar with all the options available in SPF. It's probably capable of doing more than I know.) greetings -- vbi -- Protect your privacy - encrypt your email: http://fortytwo.ch/gpg/intro
Attachment:
pgpy3LXYORfA4.pgp
Description: signature