Micorsoft's Sender ID Authentication......?

Eric A. Hall ehall at ehsco.com
Wed Jun 8 21:38:17 UTC 2005



On 6/8/2005 12:37 AM, John Levine wrote:

> I am all in favor of sender authentication, if it's real sender
> authentication.

I don't disagree with anything you said, and I certainly agree with your
closing sentiment.

Having said that, SPF and Sender-ID are useful as another hammer in the
bag-o-tricks, even if they aren't useful for everybody, or if they don't
solve everything, or if their authors misrepresent the technology, or any
of the other number of things that you didn't mention. At the least, being
able to say that mail from my domain is really only from me if it came
from my fixed server[s] is very useful, even if it does nothing else.

They are useful as proof-of-concept works, too. There have been many
demands to produce something like SPF/Sender-ID for many years (myself
included), and just having them out there is useful for research and
analysis purposes. Without them, folks would still be arguing to produce
them, at the least. As you've argued on ASRG yourself, the research is
worthwhile in and of itself, even if it produces something unexpected.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/



More information about the NANOG mailing list