Re: [exim] support for domainkeys

Top Page
Delete this message
Reply to this message
Author: David Woodhouse
Date:  
To: David
CC: exim-users
Subject: Re: [exim] support for domainkeys
On Sun, 2004-09-26 at 17:31 +0200, David wrote:
> > The problem with SPF is that it introduces a _lot_ of breakage and
> > throws away valid email
>
> this is totally false, spf does not throw away valid email, it's only
> a way to express certain policy about emails using a certain domain,
> and that policy is given by the owner of the domain.


The point is that there are very dim people out there who publish
records ending in '-all' for domains which _do_ send email.

> If the owner says 'do not accept any email comming from servers other
> than that', then that emails where not valid emails (not authorized
> by the domain owner).


If the domain owner does actually send email from the address in
question, though, then stating that it may not be forwarded is naïve and
stupid. There _are_ people who are that stupid, and in fact it's
_encouraged_ by the SPF documentation.

Your argument seems very much akin to the "Guns don't kill people;
people do" argument.

> By now, it also does not break anything. It's true that it introduces
> problems with email forwarding, and that's why almost nobody is
> publishing strict (-all) spf records, altough there are some valid
> reasons to publish strict records.


People _are_ publishing -all records for domains which actually send
mail.

> Maybe you want to point that to acomplish it's real objective
> mass deployment of both spf and srs is need, and that's really true.


No, I want to point out that its real objective can be accomplished in
_other_ ways, which don't require ubiquitous deployment of _anything_,
let alone anything as controversial as SRS.

--
dwmw2