On Mon, 6 Sep 2004, Paul Vixie wrote:
This is not a good beginning
every time i see another Final and Ultimate Solution to the Spam Problem (FUSSP, (tm) VJS) get some traction and then fall well short of its goals, i've had the same emotion: "well what the h--- did you think was going to happen?"
I'm not sure the people behind this concept (SPF, RMX, et al) ever intended it to be the FUSSP, but a lot of the ensuing enthusiasm built it up to that. I've *never* viewed SPF as an "antispam" methodology, but considered it an inevitable utility of the DNS system. Other methods are evolving to deal with spam, don't confuse them with what SPF is, which is essentially an authentication/identification framework that has the ability to mitigate one of the more popularly used spam obfuscation techniques. That spammers are publishing SPF records is in no way indicative of an inherent flaw in SPF's objectives or a failure in its implementation, in fact, I welcome spammers who publish SPF data detailing the originating points of their email. If more "known spam domains" did this, a handy DNSBL could be constructed out of such data (with a few caveats of course, it would also potentially open the door to a type of DoS attack). But at the end of the day, none of this is surprising and none of it constitutes a "failure" or setback for SPF (quite the contrary in fact). -mark -- Mark Jeftovic <markjr@easydns.com> Co-founder, easyDNS Technologies Inc. ph. +1-(416)-535-8672 ext 225 fx. +1-(416)-535-0237