Page Not Found

Error: Invalid Request

Comments

Re: Sender ID: A Tale of Open Standards and Corporate Greed? - Part I Chris Linfoot – Sep 02, 2004 1:00 AM PDT

Interesting article. Thanks. Just one minor correction and one comment, if I may…

First - that minor correction: RFC821 and RFC822 were in fact superseded by two new standards track RFCs conveniently numbered RFC2821 and RFC2822 in early 2001. As I read these though, they do not extend SMTP/MIME so much as clarify it, so you are correct that the principles of message content and transport still used today do indeed date back to the early 80s.

My comment: SPF will not reduce spam at all. In fact, that does not seem to be to me what it is intended to do. What it will do, if widely adopted, is put an end to the spoofing of sender addresses so popular with both spammers and the creators of mass mailing worms. This may be a very good thing although both types of abuser have repeatedly shown their ability to adapt. There can be little doubt that they will adapt again to an environment in which sender authentication has become widely adopted. Ultimately therefore, SPF will serve simply to defend the reputations of bona fide Internet users by preventing the use of their domains in spam and worms.

Looking forward to reading part II.

Reply | Link | Report Problems

Re: Sender ID: A Tale of Open Standards and Corporate Greed? - Part I Yakov Shafranovich – Sep 02, 2004 8:15 AM PDT

Another possible use for SPF/Sender-ID is in cojunction with reputation systems.

Reply | Link | Report Problems

Re: Sender ID: A Tale of Open Standards and Corporate Greed? - Part I The Famous Brett Watson – Sep 02, 2004 8:49 AM PDT

The question of whether and how sender identification is beneficial to the fight against spam is the subject of a paper I presented at the recent Conference on Email and Anti-Spam. If that question interests you, you can find the paper at the following address.

http://www.ceas.cc/papers-2004/140.pdf

Reply | Link | Report Problems

Re: Sender ID: A Tale of Open Standards and Corporate Greed? - Part I Paul Vixie – Sep 02, 2004 1:05 PM PDT

This whole debate is silly. There will never be a universal standard for e-mail authorship verification, no matter what IETF MARID or Microsoft do. Let a thousand flowers bloom. SPF works. Jim Miller's MAIL-FROM (which I documented here) works. Domain holders can put in metadata for all the verification styles they consider relevant, and mailserver administrators can look up the ones they consider relevant. Let's stop debating this and start implementing it. We're bogging down on questions of IPR and authorship when the fact is that a single standard isn't necessary (or possible). It's clear that IETF just can't settle this kind of controversy—but we all know that market forces can.

Reply | Link | Report Problems

Re: Sender ID: A Tale of Open Standards and Corporate Greed? - Part I Chris Linfoot – Sep 03, 2004 12:19 AM PDT

Agree entirely - and the first step in my opinion is for domain owners to publish SPF or Sender ID (or both) for all their domains, which is exactly what we are doing here.

Just to be clear though - the most immediate benefit will not be a reduction in spam, it will be a reduction in the amount of messages either delivered or bounced, purporting to be from someone other than the true originator. This in itself is a worthwhile outcome.

Reply | Link | Report Problems

To post comments, please login or create an account.