Author: David Woodhouse Date: To: David CC: exim-users Subject: Re: [exim] support for domainkeys
On Sun, 2004-09-26 at 17:31 +0200, David wrote: > > The problem with SPF is that it introduces a _lot_ of breakage and
> > throws away valid email
>
> this is totally false, spf does not throw away valid email, it's only
> a way to express certain policy about emails using a certain domain,
> and that policy is given by the owner of the domain.
The point is that there are very dim people out there who publish
records ending in '-all' for domains which _do_ send email.
> If the owner says 'do not accept any email comming from servers other
> than that', then that emails where not valid emails (not authorized
> by the domain owner).
If the domain owner does actually send email from the address in
question, though, then stating that it may not be forwarded is naïve and
stupid. There _are_ people who are that stupid, and in fact it's
_encouraged_ by the SPF documentation.
Your argument seems very much akin to the "Guns don't kill people;
people do" argument.
> By now, it also does not break anything. It's true that it introduces
> problems with email forwarding, and that's why almost nobody is
> publishing strict (-all) spf records, altough there are some valid
> reasons to publish strict records.
People _are_ publishing -all records for domains which actually send
mail.
> Maybe you want to point that to acomplish it's real objective
> mass deployment of both spf and srs is need, and that's really true.
No, I want to point out that its real objective can be accomplished in
_other_ ways, which don't require ubiquitous deployment of _anything_,
let alone anything as controversial as SRS.