Subject: Re: INEXPENSIVE way to get reverse DNS records
To: Steven M. Bellovin <firstname.lastname@example.org>
From: Claus Andersen <email@example.com>
Date: 11/14/2006 09:58:24
On Mon, 13 Nov 2006, Steven M. Bellovin wrote:
> Last, if your religion believes in SPF records (mine doesn't; it
> classifies SPF records as sinful), create one that lists
Quite a bit off-topic but I cannot help getting intrigued when someone
who(m?)s opinion I respect classifies something as "sinful". This made me
look further into why SPF could be considered bad and found that you are
one of the more often quoted sources against SPF:
As a recent convert I had enough of a clue to know that TXT records are
bad, I had accepted it as an unfortunate prelude for the real thing: The
SPF records. And with RFC 4409 (Submission Agents/MSAs) the roaming
concerns are more or less covered. I like SPF because it makes it a little
harder to forge mail.
Re-reading the above objections however made me wonder whether some of the
more important objections still are valid:
1) Specmanship - has the specs improved during the last two years or
are people just leaping into implementation?
2) The TXT records are clearly and obviously a very bad idea. Has the
situation then improved by introducing the SPF records or is is it
still a flawed record with a new name?
3) It seems that there should be some substantial concern over the format
of the Received-SPF header line. Has this improved in any way?
These important questions raised a couple of years ago does not really
seem to be adressed anywhere (at my googalability level).
I was aware of:
They handle some of the objections quite nicely but I think that
"Forwarding and Return-Path." is rather glossed over. And even a little
worried that a objection is more of less discarded as degenerate:
"It's interesting to note that this is a degenerate version of
source routing which was deprecated years ago".
They do however link you to Jonathan de Boyne Pollard in an attempt to
balance their views:
Jonathan's main beef however seems to be that people keep trying to extend
SMTP in ways that wasn't originally intended or envised and the world
should instead move on to greener pastures (IM2000). While some of his
arguments most certainly have merit I do not find his alternative
pleasing; A replacement for SMTP is not a bad idea per se but IM2000 is
not the way to go in my mind (I even like X.400 better apart from the
Converts usually defends their new religion most vigorously so in my case
I might instead be considered on the fence ;-) If SPF should be considered
as a botched attempt are there any viable alternatives? Is Sender ID the
way to go?