Re: [CORE] SPF Record ...

From: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
To: pgsql-www(at)postgresql(dot)org
Subject: Re: [CORE] SPF Record ...
Date: 2006-11-19 14:31:53
Message-ID: 20061119143153.GE26583@phlogiston.dyndns.org
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-www

On Sat, Nov 18, 2006 at 03:41:03PM -0500, Dan Langille wrote:
> These are inaccurate conclusions. SPF information helps to draw a
> conclusion. Consider it a points system. Get so many points for a
> might be, none for a definitely. Get enough points, you're spam.
> SPF is most wisely used in conjunction with other information to
> reach a conclusion.

A bad conclusion, poorly supported by evidence that is costing
everyone on the Internet.

The problem, in my view, with SPF is that it doesn't actually solve
the authentication problem, _plus_ the costs it imposes are borne by
_everyone other than_ the person whose behaviour SPF is supposed to
be trying to prevent. Note that last bit: SPF is not free -- not
even if you aren't using SPF but happen to perform ANY queries (and
at least 2/5 of the Windows clients in the world do). But none of
those costs are actually paid by the would-be spammer.

A

--
Andrew Sullivan | ajs(at)crankycanuck(dot)ca
Users never remark, "Wow, this software may be buggy and hard
to use, but at least there is a lot of code underneath."
--Damien Katz

In response to

Browse pgsql-www by date

  From Date Subject
Next Message Marc G. Fournier 2006-11-19 16:45:48 Re: [CORE] SPF Record ...
Previous Message Andrew Sullivan 2006-11-19 14:28:20 Re: [CORE] SPF Record ...