Re: [CORE] SPF Record ...

On Sat, Nov 18, 2006 at 03:41:03PM -0500, Dan Langille wrote:
> These are inaccurate conclusions.  SPF information helps to draw a
> conclusion.  Consider it a points system.    Get so many points for a
> might be, none for a definitely.  Get enough points, you're spam.
> SPF is most wisely used in conjunction with other information to
> reach a conclusion.

A bad conclusion, poorly supported by evidence that is costing
everyone on the Internet.

The problem, in my view, with SPF is that it doesn't actually solve
the authentication problem, _plus_ the costs it imposes are borne by
_everyone other than_ the person whose behaviour SPF is supposed to
be trying to prevent.  Note that last bit: SPF is not free -- not
even if you aren't using SPF but happen to perform ANY queries (and
at least 2/5 of the Windows clients in the world do).  But none of
those costs are actually paid by the would-be spammer.

A

--
Andrew Sullivan  | ajs@crankycanuck.ca
Users never remark, "Wow, this software may be buggy and hard
to use, but at least there is a lot of code underneath."
        --Damien Katz