Clueless service restrictions (was RE: Anti-spam System Idea)
Dave Crocker
dhc at dcrocker.net
Thu Feb 19 01:07:28 UTC 2004
Guðbjörn,
>> I think that the "registration" oriented authentication mechanisms (spf,
>> rmx, lmap, etc.) can be useful only when the authenticator is the
>> hosting network provider, rather than a message author.
GSH> I think widespread use of SPF will gut the major sources of spam.
Well, it will gut a great deal of email mobility and third-party
services.
It will probably have no meaningful effect on actual spam.
For example, as you note:
GSH> Then, of course, the spammers will find other ways...
That means that _at best_ MTA author registration schemes, like SPF, are
tactical responses. The problem is that they cause a _strategic_ change
to the email semantic model; and the scaling effect of its
administration is really quite terrible.
Pretty massive effect, for such a short-term benefit.
Not to mention that, on the Internet, it is never possible to deploy
anything in a short-term time-frame.
And, oh by the way, all SPF tries to do is to authenticate the From field.
Forgive me for not being reassured that wide use of SPF will merely mean
that the spam I get will have a valid From field.
d/
--
Dave Crocker <dcrocker-at-brandenburg-dot-com>
Brandenburg InternetWorking <www.brandenburg.com>
Sunnyvale, CA USA <tel:+1.408.246.8253>
More information about the NANOG
mailing list