-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andy Bradford wrote: > Thus said Steve Meyers on Sat, 01 Oct 2005 12:02:00 MDT: > > >>They're not meant to block spam. They're meant to authenticate where >>the email came from. > > > The most common unauthorized use of someone's domain is spam. Are you > saying that the designers of these SMTP hacks had something else in > mind? Maybe they were trying to keep Microsoft from influencing IBM's > employees by sending fake emails that appear to come from IBM? This > would be fraud and a criminal offence; SPF and DomainKeys are not > necessary to persuade them from doing that. So what other kinds of > people would benefit from using a real domain that belongs to someone > else? > > Andy
In authenticating where the email came from, it implicitly allows the host to accept valid email or reject email that _is_ spam. Haven't you ever gotten an email "from" yourself? Or received a nasty email or bounce message about an email you know that _you_ didn't send? If the other end had rejected based on the fact that the SPF records showed IP Address w.x.y.z was the only IP authorized to send email for bradfords.org, and the email came from a different IP, then the email would never have gone anywhere. I think spam is probably the biggest reason for SPF, etc., but I suppose it can also serve as a very rudimentary validation of the email's source. Not very effective, but it might work in the most basic cases. Frank - -- Frank Sorenson - KD7TZK Systems Manager, Computer Science Department Brigham Young University [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFDP2qIaI0dwg4A47wRAkNAAKDJe6F/mLsqg7/AxCUmZujExAWpGgCg85IJ enS99QBKjjZh2PcAhgzxLII= =W3bz -----END PGP SIGNATURE----- /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
