-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <[email protected]>, Ted Lemon <[email protected]> writes
>Do >you seriously think that Google has special-case header parsing to deal with >spam from Cornell students' infected computers? No, they just use machine >learning. ... and one of the things that the ML will be processing will be the (tokenised contents of the) header fields... so having a pattern (of any kind) within the header fields has the potential to be extremely helpful in distinguishing good from bad >SPF allows me to discard all messages that claim to be from domain X but come >from IP addresses not listed for domain X, which means that I never have to >write a Received: header for that message. It rather escapes me how one of your users will be able to determine whether you received the email from a domain which had SPF at the time at which you received it unless you record that information along with the email (or do you think that DNS results are constant for all time?) If you're relaying the email on to somewhere else then you're assuming that there's a mechanism by which your policy regarding SPF becomes known to those other people. I'm unaware of such a mechanism existing at the moment -- and (this might be relevant to charters, albeit I really don't think that there's any real mileage in this topic at all) that although we have a scheme for originators of email to publish policy recommendations about the handling of email from their domains we don't have a similar policy for relaying machines (and absent a Received header field it's unclear to me what indicator we'd use to look up what that policy was). > If there is no SPF for the domain >that sent the message, I would like to just discard it as spam, but that's not >safe to do because so many small sites don't implement SPF or get it wrong. >But in any case where there is no SPF record, the site is definitely not >trustworthy: that's a shame, I consider myself very trustworthy and I've never bothered with SPF :-( - -- richard Richard Clayton Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755 -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBVlw7VOINNVchEYfiEQLyGQCghamhwwd4RueAaba0LQpvriswU54AoLwO DeHiYX3uumCKRBVmKY6zN4j9 =TXrC -----END PGP SIGNATURE----- _______________________________________________ Shutup mailing list [email protected] https://www.ietf.org/mailman/listinfo/shutup
