SPF

John R Levine johnl@iecc.com
Sat Jul 24 02:24:16 UTC 2004


> I thought that Microsoft was promising to support the
> IETF's compromise among SPF, Caller-ID, etc.  That September date looks
> like the goal from
> http://ietf.org/html.charters/marid-charter.html

At this point I would guess that what MARID adopts will be close to SPF,
but with an option to check the 2822 From: header as well as the envelope.
The Caller ID XML stuff seems to have gone away, except perhaps as an
option that only MS will publish.

You can easily publish SPF that says anyone can send mail for your domain
from anywhere.  Problem solved (for now.)

I also agree that it's unlikely that anyone you care about will be
rejecting mail based on SPF any time soon, and I think the SPF fans will
be unpleasantly surprised when they see the bad guys' countermeasures.

For a leisurely good time, try checking the SPF data for blah.slow.sp.am.
(The blah can be anything, slow.sp.am is a real domain that fortunately
doesn't send much mail.  Yet.)

> But until MARID finally delivers, how much of the net will install SPF?

AOL will use SPF to update the IP ranges of whitelisted senders.  That's
one of the few things it's actually good for.

Regards,
John Levine, johnl@iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://iecc.com/johnl, Mayor
"I dropped the toothpaste", said Tom, crestfallenly.



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.