« Interview with Larry Rosen Free Gmail Invites »
Death of Sender-ID and Compromise?
Posted September 8, 2004 – 11:20 am by Yakov Shafranovich in Spam and EmailAndy Newton, co-chair of MARID, posted an interesting proposal for a compromise today to the MARID list. First of all, to no one’s suprise he stated that IPR issues would block Sender-ID approval due to lack of consensus on deployment:
It is the opinion of the co-chairs at this time (before the end of last call) that the MARID working group has no consensus regarding the deployment of Sender ID. This lack of consensus centers around the IPR associated with the PRA algorithm.
In IETF-speak that means that Sender-ID is dead in its current form. But second, here comes a proposal:
It is also the opinion of the co-chairs that many in the working group
are willing to deploy MAIL FROM checking as specified in
draft-mengwong-spf. Therefore, we ask for consideration of the
following proposal:The ABNF in -protocol 3.4.1 is (mostly from a post by Wayne)
version = "spf2." ver-minor "/" ver-scope *( "," ver-scope )
ver-minor = 1*DIGIT
ver-scope = "pra" / "mailfrom" / name
name = alpha *( alpha / digit / "-" / "_" / "." )
And the following stipulations:
1) “mailfrom” checking will be defined in a new draft
2) multiple records are allowed
3) a scope (e.g. “pra”) can only appear in one record of one type for
validity purposesBasically the Sender-ID draft has a scope attribute. The interesting part is that Andy wants to use that scope for other identities besides PRA such as MAIL FROM and possible other ones. This would allow the IETF to approve Sender-ID without touching PRA, and leave the PRA decision to end users. Of course, it remains to be seen whether domain owners would be willing to publish both.
UPDATE: I got quoted in an InternetNews.com story on this.
Permalink | Trackback URL | This post has
Sorry, comments for this entry are closed at this time.