- From: James A. Donald <jamesd@echeque.com>
- Date: Mon, 19 Jun 2006 12:28:28 +1000
- To: Jeffrey Altman <jaltman@secure-endpoints.com>
- CC: public-usable-authentication@w3.org
--
Jeffrey Altman wrote:
> My e-mail server software supports both SPF and DK. I
> attempted to utilize both but discovered that SPF and
> DK miserably failed with mail relayed by mailing
> lists. Given that I am subscribed to hundreds of
> lists and I desire to receive mail that is sent via
> the list servers and that I wish mail I send to be
> received by readers of the lists, I turned both SPF
> and DK off.
>
> The solutions are flawed because they do not permit
> the continued use of common e-mail usage patterns. I
> suspect more organizations would deploy a solution
> that worked.
DK and SPF, as designed, are designed to punish
unauthenticated mail, rather than reward mail that can
be authenticated as coming from a known good source.
Who wants punishment? In a world where authentication
is unreliable, we should not punish unauthenticated
mail, nor can we reward authenticated mail in a world
where spammers eagerly authenticate their mail.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
kVkx/D2DyS/ct+adQ9WyGWuvyce2sEhus3fTFjSO
43rr464OhonwPD3j7vv7nFUxm/nYx/RDE7HXlTJFM
Received on Monday, 19 June 2006 02:28:33 UTC