[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Accountability!] RE: SPF abused by spammers

To: "MARID" <ietf-mxcomp@xxxxxxx>
Subject: [Accountability!] RE: SPF abused by spammers
From: "Gordon Fecyk" <gordonf@xxxxxxxxx>
Date: Mon, 13 Sep 2004 19:25:12 -0500
List-archive: <http://www.imc.org/ietf-mxcomp/mail-archive/>
List-id: <ietf-mxcomp.imc.org>
List-unsubscribe: <mailto:ietf-mxcomp-request@imc.org?body=unsubscribe>
Sender: owner-ietf-mxcomp@xxxxxxxxxxxx
Thread-index: AcSZ70Ice6ZQokTlRvOsrJnHrVI/7QAANXkg
Thread-topic: SPF abused by spammers

> >   Replace "sent" with "accepted responsibility for", and MAIL FROM
> > checking is perfectly valid, if all parties agree.
> 
> How do you arrive at publishing an SPF record being tantamount to
> accepting accountability for all actions of these authorized 
> entities? 

When I jumped into this little game I did so with the goal of:

========================
RESTORING ACCOUNTABILITY
========================

There, just so it's clear what I'm thinking, in case it wasn't clear every
other time I've used the word "accountability" or "accountable" in an e-mail.

Yes, this means knowing who to point fingers at for mail abuse.  It would
also mean fingering a domain administration who, wittingly or otherwise,
allows a compromised system to send abusive mail on its behalf (and,
hopefully, would correct that compromise somehow.)

I wasn't aware that this working group shifted from that goal.  Has it?

-- 
PGP key (0x0AFA039E): <http://www.pan-am.ca/consulting@xxxxxxxxxxxxx>
Sometimes it's hard to tell where the game ends and where reality bites,
er, begins. <http://vmyths.com/resource.cfm?id=50&page=1>

Follow-Ups:
- Re: [Accountability!] RE: SPF abused by spammers
  - From: David Woodhouse

Prev by Date: Re: Work plan for Sender ID
Next by Date: Re: I-D ACTION:draft-kucherawy-sender-auth-header-00.txt (fwd)
Previous by thread: Work plan for Sender ID
Next by thread: Re: [Accountability!] RE: SPF abused by spammers
Index(es):
- Date
- Thread