"In other words, message transfer can occur in a single connection between the original SMTP-sender and the final SMTP-recipient, or can occur in a series of hops through intermediary systems. In either case, once the server has issued a success response at the end of the mail data, a formal handoff of responsibility for the message occurs:
the protocol requires that a server MUST accept responsibility for either delivering the message or properly reporting the failure to do so (see Sections 6.1, 6.2, and 7.8, below)."
There is no guarantee that any bounce message will be received by the sending party.
No, there IS a guarantee that the bouncing message will receive the sending party. That is a basic requirement of the SMTP protocol.
Otherwise the sending domain in question has not only messed up its SPF records, but in addition it has a horribly broken mail system too. Maybe it worths keeping a safe distance from them.:)
Seriously, if we meet somebody with
1. broken SPF record and
2. broken mail system and
3. never noticed the above previously and
4. send us an important message and
5. negligent enough to not follow it up
then we will miss an important message.
But, that is a bit too much ifs, is not it? Honestly, I am more worried about the spam filtering heuristics in Thunderbird and in Gmail, not to mention other important things in life. I believe we benefit more from SPF than the risk it causes. But your mileage may vary.
SPF means Sender Policy Framework. It is a method to specify and check the precise list of servers which are allowed to send mails in the name of a domain.
Receiving servers use it to check the validity of the reverse-path of the mail. Reverse-path is the address to where bounce messages should be sent.
It is nothing more, nothing less. It causes great confusion because many thinks that it is intended to be a final SPAM prevention method, when it is clearly not.
Alone, it makes sending SPAM only a bit more difficult. On the other hand it does make easier to catch spams with other methods. As more and more domains and receiving servers start to use it, it becomes more and more effective in this role.
The simplest benefit of setting up SPF for a domain that your domain name cannot be forged as the reverse-path of spam mails. So you will get less back-scatter spam and angry mails. SPF almost completely eliminated back-scatter spam for us, which was once quite an annoying issue.
Spam from Iran? Strange. I checked my last four spam mails: 1 China, 1 France, 2 USA.
OK, it is a pathetic statistics, but still... The country is based on IP address of the server which directly connected to our server, and I lookud up the IP address on ip2location.com.
When a forwarder - actually any SMTP server - accepts a mail, than that means that it accepts the responsibility of either
1) delivering it, or
2) notifying the original submitter about the failure.
If a server fails to fulfill such a basic requirement of the SMTP protocol, than it is not an SMTP server, and anybody who depend on it is in serious trouble. And this is completely independent of SPF.
Regarding getting complaints: we have phone numbers and HTML contact forms. Our postmaster account is monitored and it is exempt of any kind of filtering. If somebody really wanted to complain then had the methods to do so.
We reject mails which fail the SPF check immediately within the mail session. That is the only safe way, because then the sender will receive a bounce message from his own mail server.
We never received complaints regarding SPF rejects, but maybe because we do not have large incoming mail traffic.
Even if there were false positives, it would not hurt anybody, because the sender is guaranteed to be immediately notified that his message had not reached its recipient. He could contact us using a different method, not mail - in addition to complaining to his (so called) system administrators.
A small correction:
Forwarders must rewrite the reverse-path, which is the address they submit in the MAIL FROM SMTP command, not the From field in the mail content. They leave the From field as it is. Actually they should not tamper with the mail content at all.
I believe that all large forwarders have been SPF compatible for years. Otherwise they could not deliver their mail to a very large percentage of recipients.
Sorry, but this thinking is either boresome or nitpicking. Yes, you cannot own thoughts. Yes, you cannot transfer authorship of said software. Have this any relevance to the post? No. You can do transfer each and every right related to the usage of that software. You will always be named as the author, but you can not do anything with that software at all without the permission of your employer.
Most casual games are Flash, however, many are Java, and Java is even stronger if we consider not only the count of games but the time played on a single game.
In the EU computer algorithms cannot be patented (or at least such patents cannot be enforced), but copyright law applies, and I guess copyright law exists in almost all countries of the word.
For the sake of moderators, who still mods up this - indeed helpful, conditional - correction, even after I wrote that it was wrong: No, the assumption is invalid, I do mean JavaScript.
It is similar to JSON, but notice the init function. This example creates a new Java (not Javascript) Car object, sets its driver and color attributes and starts the car when the application starts and stops it when the applicaton stops.
If in your particular configuration there are many such cars, than you are free to define your own Javascript function which can be used as a shortcut:
addCar("john@example.com", "red");
The administrator is allowed to bend the configuration syntax to his situation. And this power is almost free, the integration between Java and Javascript only requires a few lines of code in the application. For example you do not need to modify the source code of Car in the above example.
I guess lightweight in this case means that they reuse the Java runtime library and most importantly the Java Runtime with its Just In Time compiler, so they do not add a huge code base to the standard Java deployment.
I have used Javascipt as the language of configuration files in a Java application. It replaced XML. It is a pleasure to work with Javascript for this purpose, much more comfortable than XML. I also considered YAML, but Javascript is more powerful and considering its ubiquity it does not need more learning.
However, I am not sure if real administrators would like Javascript in configuration files. At least it is standard, and has a good documentation, but the expressiveness of Javascript can be used in the wrong way too.
Clicking on an Agree button may not be legally binding in your country, but it is definitely binding in mine, there was at least one case in which it was enforced by the court.
I am sorry to hear your bad experiences. If you have epilepsy, I understand your need to use an ad-blocker. I am sure that website owners will also understand it.
That said, I have not seen pop-ups and popuder ads for years. Google AdSense explicitly forbids them for example. Actually I have not experienced any of the mentioned issues recently. It seems that it is possible to easily find sites which do not have these issues.
They are using my compute resources and bandwidth to display content that is offensive to me.
May I ask you why do you visit these offensive ad-supported web sites? Is there something which forces you enter their URL into your browser? Are there armed thugs in your house sent by these disgusting sites? Do you hear voices in your head urging you to suffer?
By the way, I see that you are regularly using Slashdot. Have you bought a Slashdot subscription to not get advertisements? Or do you use an ad-blocker, which is free after all, and the Slashdot employees are gladly work for free for your entertainment anyway? Maybe you can add a third candidate for being a parasite to your analysis.
No, I am a software developer from the EU, who happens to work on a somewhat popular web site, and I value both my work and the work of other people who create content which proves to be useful or at least entertaining for me. This is the reason for example why I never click on the disable ads checkbox here on Slashdot, buy all the games are rarely play nowdays, etc.
You've turned highways roadsides into billboard plastered eyesores.
In many contries highway ads are banned.
You steal 15-22 minutes of every hour to sell us crap
I do not remember that I broke into your house armed with guns and forced you to view advertisements. For example the only TV channel I occassionally view is HBO, I pay the subscription fee, and do not view any ads.
You fill our snail mail boxes and email boxes with spam
No respectable company use spam nowdays.
In short, Go Fuck Yourself.
I seriously consider your recommendation, because you seem to be a person who is very experienced in this subject, i.e. in fucking yourself.
Yes, maybe a button is also required to be binding. The current notice banners introduced because of the EU cookie law are everything but invisible. I assume you haven't see any of them. They are displayed either on the top of the browser windows or at the bottom of the window, in a relatively large rectange in a vivid color. Actually I find them more annoying than any ads except maybe the wrongest.
I do not think so. A web page is protected by copyright law and the owner can decide about the terms under which he allows you to use page. You either agree to the terms or skip the page.
Slashdot Mirror
Maybe you should read RFC 5321 more carefully:
"In other words, message transfer can occur in a single connection between the original SMTP-sender and the final SMTP-recipient, or can occur in a series of hops through intermediary systems. In either case, once the server has issued a success response at the end of the mail data, a formal handoff of responsibility for the message occurs: the protocol requires that a server MUST accept responsibility for either delivering the message or properly reporting the failure to do so (see Sections 6.1, 6.2, and 7.8, below)."
There is no guarantee that any bounce message will be received by the sending party.
No, there IS a guarantee that the bouncing message will receive the sending party. That is a basic requirement of the SMTP protocol.
Otherwise the sending domain in question has not only messed up its SPF records, but in addition it has a horribly broken mail system too. Maybe it worths keeping a safe distance from them. :)
Seriously, if we meet somebody with
1. broken SPF record and
2. broken mail system and
3. never noticed the above previously and
4. send us an important message and
5. negligent enough to not follow it up
then we will miss an important message.
But, that is a bit too much ifs, is not it? Honestly, I am more worried about the spam filtering heuristics in Thunderbird and in Gmail, not to mention other important things in life. I believe we benefit more from SPF than the risk it causes. But your mileage may vary.
SPF means Sender Policy Framework. It is a method to specify and check the precise list of servers which are allowed to send mails in the name of a domain.
Receiving servers use it to check the validity of the reverse-path of the mail. Reverse-path is the address to where bounce messages should be sent.
It is nothing more, nothing less. It causes great confusion because many thinks that it is intended to be a final SPAM prevention method, when it is clearly not.
Alone, it makes sending SPAM only a bit more difficult. On the other hand it does make easier to catch spams with other methods. As more and more domains and receiving servers start to use it, it becomes more and more effective in this role.
The simplest benefit of setting up SPF for a domain that your domain name cannot be forged as the reverse-path of spam mails. So you will get less back-scatter spam and angry mails. SPF almost completely eliminated back-scatter spam for us, which was once quite an annoying issue.
Spam from Iran? Strange. I checked my last four spam mails: 1 China, 1 France, 2 USA.
OK, it is a pathetic statistics, but still... The country is based on IP address of the server which directly connected to our server, and I lookud up the IP address on ip2location.com.
When a forwarder - actually any SMTP server - accepts a mail, than that means that it accepts the responsibility of either
1) delivering it, or
2) notifying the original submitter about the failure.
If a server fails to fulfill such a basic requirement of the SMTP protocol, than it is not an SMTP server, and anybody who depend on it is in serious trouble. And this is completely independent of SPF.
Regarding getting complaints: we have phone numbers and HTML contact forms. Our postmaster account is monitored and it is exempt of any kind of filtering. If somebody really wanted to complain then had the methods to do so.
We reject mails which fail the SPF check immediately within the mail session. That is the only safe way, because then the sender will receive a bounce message from his own mail server.
We never received complaints regarding SPF rejects, but maybe because we do not have large incoming mail traffic.
Even if there were false positives, it would not hurt anybody, because the sender is guaranteed to be immediately notified that his message had not reached its recipient. He could contact us using a different method, not mail - in addition to complaining to his (so called) system administrators.
AFAIK most spam come from the USA. Or maybe they are second.
A small correction: Forwarders must rewrite the reverse-path, which is the address they submit in the MAIL FROM SMTP command, not the From field in the mail content. They leave the From field as it is. Actually they should not tamper with the mail content at all. I believe that all large forwarders have been SPF compatible for years. Otherwise they could not deliver their mail to a very large percentage of recipients.
You cannot own what is in another person's head.
Sorry, but this thinking is either boresome or nitpicking. Yes, you cannot own thoughts. Yes, you cannot transfer authorship of said software. Have this any relevance to the post? No. You can do transfer each and every right related to the usage of that software. You will always be named as the author, but you can not do anything with that software at all without the permission of your employer.
Most casual games are Flash, however, many are Java, and Java is even stronger if we consider not only the count of games but the time played on a single game.
You do realize that many casual games are Java applets, right?
In the EU computer algorithms cannot be patented (or at least such patents cannot be enforced), but copyright law applies, and I guess copyright law exists in almost all countries of the word.
For the sake of moderators, who still mods up this - indeed helpful, conditional - correction, even after I wrote that it was wrong: No, the assumption is invalid, I do mean JavaScript.
I do mean Javascript. Something like this:
It is similar to JSON, but notice the init function. This example creates a new Java (not Javascript) Car object, sets its driver and color attributes and starts the car when the application starts and stops it when the applicaton stops.
If in your particular configuration there are many such cars, than you are free to define your own Javascript function which can be used as a shortcut:
The administrator is allowed to bend the configuration syntax to his situation. And this power is almost free, the integration between Java and Javascript only requires a few lines of code in the application. For example you do not need to modify the source code of Car in the above example.
I guess lightweight in this case means that they reuse the Java runtime library and most importantly the Java Runtime with its Just In Time compiler, so they do not add a huge code base to the standard Java deployment.
You know the costs, it is free, GPL v2.
I have used Javascipt as the language of configuration files in a Java application. It replaced XML. It is a pleasure to work with Javascript for this purpose, much more comfortable than XML. I also considered YAML, but Javascript is more powerful and considering its ubiquity it does not need more learning.
However, I am not sure if real administrators would like Javascript in configuration files. At least it is standard, and has a good documentation, but the expressiveness of Javascript can be used in the wrong way too.
Clicking on an Agree button may not be legally binding in your country, but it is definitely binding in mine, there was at least one case in which it was enforced by the court.
That said, I have not seen pop-ups and popuder ads for years. Google AdSense explicitly forbids them for example. Actually I have not experienced any of the mentioned issues recently. It seems that it is possible to easily find sites which do not have these issues.
They are using my compute resources and bandwidth to display content that is offensive to me.
May I ask you why do you visit these offensive ad-supported web sites? Is there something which forces you enter their URL into your browser? Are there armed thugs in your house sent by these disgusting sites? Do you hear voices in your head urging you to suffer?
By the way, I see that you are regularly using Slashdot. Have you bought a Slashdot subscription to not get advertisements? Or do you use an ad-blocker, which is free after all, and the Slashdot employees are gladly work for free for your entertainment anyway? Maybe you can add a third candidate for being a parasite to your analysis.
You hit the nail on the head.
No, I am a software developer from the EU, who happens to work on a somewhat popular web site, and I value both my work and the work of other people who create content which proves to be useful or at least entertaining for me. This is the reason for example why I never click on the disable ads checkbox here on Slashdot, buy all the games are rarely play nowdays, etc.
You've turned highways roadsides into billboard plastered eyesores.
In many contries highway ads are banned.
You steal 15-22 minutes of every hour to sell us crap
I do not remember that I broke into your house armed with guns and forced you to view advertisements. For example the only TV channel I occassionally view is HBO, I pay the subscription fee, and do not view any ads.
You fill our snail mail boxes and email boxes with spam
No respectable company use spam nowdays.
In short, Go Fuck Yourself.
I seriously consider your recommendation, because you seem to be a person who is very experienced in this subject, i.e. in fucking yourself.
Yes, maybe a button is also required to be binding. The current notice banners introduced because of the EU cookie law are everything but invisible. I assume you haven't see any of them. They are displayed either on the top of the browser windows or at the bottom of the window, in a relatively large rectange in a vivid color. Actually I find them more annoying than any ads except maybe the wrongest.
I do not think so. A web page is protected by copyright law and the owner can decide about the terms under which he allows you to use page. You either agree to the terms or skip the page.