Skip site navigation (1) Skip section navigation (2)

Re: [CORE] SPF Record ...

From: Andrew Sullivan <ajs(at)crankycanuck(dot)ca>
To: pgsql-www(at)postgresql(dot)org
Subject: Re: [CORE] SPF Record ...
Date: 2006-11-19 14:31:53
Message-ID: 20061119143153.GE26583@phlogiston.dyndns.org (view raw or flat)
Thread:
Lists: pgsql-www
On Sat, Nov 18, 2006 at 03:41:03PM -0500, Dan Langille wrote:
> These are inaccurate conclusions.  SPF information helps to draw a 
> conclusion.  Consider it a points system.    Get so many points for a 
> might be, none for a definitely.  Get enough points, you're spam.  
> SPF is most wisely used in conjunction with other information to 
> reach a conclusion.

A bad conclusion, poorly supported by evidence that is costing
everyone on the Internet.  

The problem, in my view, with SPF is that it doesn't actually solve
the authentication problem, _plus_ the costs it imposes are borne by
_everyone other than_ the person whose behaviour SPF is supposed to
be trying to prevent.  Note that last bit: SPF is not free -- not
even if you aren't using SPF but happen to perform ANY queries (and
at least 2/5 of the Windows clients in the world do).  But none of
those costs are actually paid by the would-be spammer.

A

-- 
Andrew Sullivan  | ajs(at)crankycanuck(dot)ca
Users never remark, "Wow, this software may be buggy and hard 
to use, but at least there is a lot of code underneath."
		--Damien Katz

In response to

pgsql-www by date

Next:From: Marc G. FournierDate: 2006-11-19 16:45:48
Subject: Re: [CORE] SPF Record ...
Previous:From: Andrew SullivanDate: 2006-11-19 14:28:20
Subject: Re: [CORE] SPF Record ...

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group