On 2/21/08, Stephen J. Turnbull wrote:

>  C'mon, Mark, you know that the only problem here is that there's no
>  accepted standard; they have to authenticate "you" somehow (do you
>  really want me to be able to spoof you and get information about your
>  mail to Yahoo customers?), and the right "you" to authenticate is the
>  apparent source of allegedly objectionable mail.  So it's going to be
>  SPF or DomainKeys or something like that.

But SPF (and similar technologies) and DomainKeys (and similar 
technologies) are both inherently broken in the general case.  Sure, 
there are specific cases where sites like BankOfAmerica.com can use 
them (and to everyone's benefit), but they're too easy to set up 
incorrectly (on both sides), and they break too many other parts of 
how e-mail is supposed to work.

-- 
Brad Knowles <[EMAIL PROTECTED]>
LinkedIn Profile: <http://tinyurl.com/y8kpxu>
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;file=faq01.027.htp

Reply via email to