[WBEL-users] Sendmail SPF SRS Question

John Morris jmorris@beau.org
Fri, 3 Sep 2004 22:33:32 -0500 (CDT)

On Fri, 3 Sep 2004, John Hinton wrote:

> October 1st is 'rapidly' approaching. Rumor has it that AOL might throw 
> the switch on SPF a month or two early as they normally do things and 
> with a 'go live' projected date of January 1st, this could mean we have 
> only a few weeks to get our DNS records updated and maybe only 6 or 7 
> weeks to get SRS running.

Well I guess AOL is going to have a problem come Oct 1, because I really
doubt SPF is going to see widespread adoption by then since it is almost
certain to still be an unpublished standard.  I'd give less than 50-50
odds of it ever seeing the light of day as an offical standard at this
point.  Which is a shame because it did have potential to slow down forged 
email and phishing.

And as for Sender ID, forget it.  Won't be seeing the light of day in 
WBEL, ever. Period, end of story, even if RedHat adopts it I'll have to 
remove it for legal reasons.  Unless of course MSFT changes their embrace, 
extend and extinguish tactics.

> That said. Does anybody have any word on what RedHat is doing? Besides 
> resisting.... Seems I need to be installing at least a test system like 
> about right now and I can't even find much of a mention of this and 
> RedHat on any google search.

They are right to be resisting.  The minefield around SPF and Sender ID is
a very real and very serious danger while the potential benefits are
unlikely to live up to the hype.  Until SID is completely off the IETF
standards track, it would be prudent to treat SPF as a trojan horse
designed to lead to eventual adoption of SID.  Falling for SID would mean 
the certain end of Free MTA software and quite probably the eventual 
elimination of vital functionality from Free MUAs.

John M.      http://www.beau.org/~jmorris        This post is 100% M$ Free!
Geekcode 3.1:GCS C+++ UL++++$ P++ L+++ W++ w--- Y++ b++ 5+++ R tv- e* r