Stephen Gran wrote:
If mail admins can't be bothered to do these most basic of things, what makes you htink the entire world is going to switch to using one of many competing ideas about sender verification?
Um... because AOL, Yahoo, and MSN are already implementing it?Several years ago, you probably would have asked the same "why would they bother?" about admins turning off open-relay. In retrospect, the reason why they bothered is because their failure to do so started affecting mail delivery. Same thing goes for SPF. If it starts affecting delivery of your system's mail, your admin is going to start catching heat until he/she gets with the program.
Granted. This is the big gotcha to SPF, that all forwarders have to be turned into remailers. But that's not that big of an issue. Change your flat alias files so that they feed into a script.Not to mention that of course spf has major implementation problems (forwarded email being the main one, but there are others).
Well, I haven't seen any authoritative numbers recently, and you used the word "appear", so I'm going to take that with a grain of salt.b) Use the domain of the ISP of the zombie-machines.Yeah.... well, zombie machines are, IMO, outside of the scope of SPF.Well, since these appear to be the largest and fastest growing source of spam, that about kills spf off as a solution.
- Joe
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature