Domain: woodhou.se
Stories and comments across the archive that link to woodhou.se.
Comments · 8
-
Re:The Reality
-
Re:No, and I won't
SPF is harmful.
I hope the guy responsible for the anti SPF page is better with e-mail tech then creating HTML documents....
-
No, and I won't
SPF is harmful.
-
Re:BT is an IPv6 pioneer
A&A are not asking for anything unusual. All they want is for BTW to deliver the service as specified. The problem is a well known bug in the IOS image that BT has installed on some BRAS, which has been demonstrated to also affect certain IPv4 packets, making the IPv6 argument completely spurious.
If you want a laugh at their incompetence, have a gander at the following:-
http://david.woodhou.se/bt-clueless-1.html
http://david.woodhou.se/bt-clueless-2.html -
Re:BT is an IPv6 pioneer
A&A are not asking for anything unusual. All they want is for BTW to deliver the service as specified. The problem is a well known bug in the IOS image that BT has installed on some BRAS, which has been demonstrated to also affect certain IPv4 packets, making the IPv6 argument completely spurious.
If you want a laugh at their incompetence, have a gander at the following:-
http://david.woodhou.se/bt-clueless-1.html
http://david.woodhou.se/bt-clueless-2.html -
Re:A trickle?!
If everyone was publishing SPF-records and enforcing them, the problem would go away.
...and new problems would arise, because SPF is fundamentally flawed.
-
Re:Some do
SPF isn't supposed to do anything like what you claim
Odd. I made no claims about what SPF is "supposed" to do, only noted that it 1) breaks forwarding, and 2) doesn't prevent spam.
As for preventing forgeries like joe jobs, read the page I so conveniently linked to:
Some people claim that SPF directly combats spam. It doesn't. SPF attempts to address forgery. In fact, a large amount of spam rates an SPF 'pass' result, because spammers have rapidly adopted SPF for themselves.
You still need a blacklist or other kind of trust database, to tell you which domains are trustworthy and which are not. But we already have lots of blacklists; it's just that we list the IP address instead of the domain name, to tell you which hosts are trustworthy and which are not. We don't need to break email and force everyone to upgrade to some bizarre new scheme just for that.
Cryptographic signatures are the solution to preventing forgeries. Until we get them into wide use on the user level, DomainKeys is a fairly good solution. SFP is a poor one.
-
Re:Some do
SPF costs very little to implement in most cases and does not break email for someone who is not using it.
SPF breaks forwarding. It is a badly brain-damaged scheme.
A few years back it was alleged that more spam than valid e-mail was being sent using SPF.
SPF is bad, mkay? It should have been taken out behind the barn and put out of our misery a long time ago. Don't use it, and don't encourage it.
DomainKeys is a much smarter scheme. Use and encourage it instead.