LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for February 16, 2012

Book review: Open Advice

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

That much trouble?

That much trouble?

Posted Sep 5, 2004 22:36 UTC (Sun) by khim (subscriber, #9252)
In reply to: That much trouble? by doogie
Parent article: Debian rejects Sender ID

And what SPF/SenderID is ? Easy: it's try to reject mail from someone who's pretending he/she is now what he/she is. pgp-mail does is way better then any patented scheme. Yes, it needs some changes in end-user agents, but SPF/SenderID needs these changes as well! Of you can add proxy in the process. The same as with pgp.

If you say: "SenderID is different solution" I'll agree. If you say: "SenderID is better solution" then I want clarifications. It's pretty easy to add "reject non-pgp signed mail" rule to senmail or other MTA - it's just deemed "too intrusive". Thus instead of good and tested solution we're stuck with bunch of half-backed "extensions" and stupid "authentification schemes".

(Log in to post comments)

That much trouble?

Posted Sep 6, 2004 16:03 UTC (Mon) by TwoTimeGrime (guest, #11688) [Link]

> Easy: it's try to reject mail from someone who's pretending he/she
> is now what he/she is. pgp-mail does is way better then any
> patented scheme.

pgp-mail requires you to receive the entire email before making a decision. SPF does not. That saves bandwidth.

SPF isn't covered by a patent. You can use it. It's working now to stop joe-jobs. See this link for a good overview: http://yro.slashdot.org/comments.pl?sid=119211&cid=10...

> Yes, it needs some changes in end-user agents, but SPF/SenderID
> needs these changes as well!

SPF does not require a change in end-user agents. It can and does work at the MTA level.

"It's not a bug ... it's a feature"

Posted Sep 6, 2004 18:42 UTC (Mon) by freemars (subscriber, #4235) [Link]

pgp-mail requires you to receive the entire email before making a decision. SPF does not. That saves bandwidth.

The bandwidth costs the spammer (or the major ISP which doesn't block mail from zombied computers) as much as it costs you. You can do your part to drive the cost of spam up.

Think of it as a tarpit.

Further downthread people are saying how PGP'd spam would do more to hurt encryption than spam; they're probably right (imho).

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds