>SPF doesn't claim to solve everything. it just aims to reduce forgery. No. Read spf.pobox.com: the home page says things like "makes it easier to identify spams, worms, and viruses" and "SMTP receivers can distinguish legitimate mail from spam".
It worries me that SPF advocates seem to be substantially contradicting each other regarding even the most basic aspects of what SPF sets out to achieve. >I am currently using it at the end-of checking, in my test. If an email >makes it >all the way past everything else, then it looks at the SPF result. That's much better than relying on SPF as an earlier check, IMO. >Well, email shemail. The bigger picture is everyone having at least >30-50 devices in their house that all connect to the Internet and send >and receive messages. Like refridgerators, and toasters and what-not. >People will be hacking these things and mysteriously infinite cases of >beer will arrive via grocery delivery. Talk about denial of service. > >There has to be human armored ssl or pgp signed messages and messaging >servers that can handle them. Perhaps. How SPF helps us get there remains to be seen; AFAICT it actually takes us in the *wrong* direction, while DomainKeys is at least down the right road. -- James Craig Burley Software Craftsperson <http://www.jcb-sc.com>
