nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Clueless service restrictions (was RE: Anti-spam System Idea)

From: Dave Crocker <dhc () dcrocker net>
Date: Wed, 18 Feb 2004 17:07:28 -0800

Guðbjörn,


I think that the "registration" oriented authentication mechanisms (spf,
rmx, lmap, etc.) can be useful only when the authenticator is the
hosting network provider, rather than a message author.


GSH> I think widespread use of SPF will gut the major sources of spam.

Well, it will gut a great deal of email mobility and third-party
services.

It will probably have no meaningful effect on actual spam.


For example, as you note:
GSH> Then, of course, the spammers will find other ways...


That means that _at best_ MTA author registration schemes, like SPF, are
tactical responses.  The problem is that they cause a _strategic_ change
to the email semantic model; and the scaling effect of its
administration is really quite terrible.

Pretty massive effect, for such a short-term benefit.

Not to mention that, on the Internet, it is never possible to deploy
anything in a short-term time-frame.

And, oh by the way, all SPF tries to do is to authenticate the From field.

Forgive me for not being reassured that wide use of SPF will merely mean
that the spam I get will have a valid From field.



d/
--
 Dave Crocker <dcrocker-at-brandenburg-dot-com>
 Brandenburg InternetWorking <www.brandenburg.com>
 Sunnyvale, CA  USA <tel:+1.408.246.8253>
Previous By Date Next
Previous By Thread Next

Current thread: