[Mimedefang] Deadline for SPF records
Ben Kamen
bkamen at benjammin.net
Tue Aug 10 13:42:15 EDT 2004
Les Mikesell wrote:
> On Tue, 2004-08-10 at 09:12, Dave Williss wrote:
>
>
>>You mean like an employee on the road using a hotel's ISP or at a
>>wireless hotspot connecting back to your mail server to send mail
>>as from your company? _Make_ them use authentication.
>
>
> Put a price tag on that. If you are selling a product, how many
> dollars worth of orders are you willing to discard because the
> potential customer sent a request for information through a
> public access point instead of their own ISP? Discarding their
> mail is the only way you can _make_ someone else do things
> your way. Is it worth it, when what really matters is the
> individual authentication and/or the message content? I just
> don't see much value in some untrusted third party's claim
> of authentication.
I'm feeling like you guys might be talking about different things...
Dave was talking about a road-warrior using his laptop at a hotel, or possibly a
web-mail application (which I don't think has been mentioned here and is a very
nice solution to those who just want to check/send mail quickly from some remote
locale - and has the advantage of originating an email at the company's source
mail server which would have it's approriate SPF record).
In the case of the MUA (LookOUT or mozilla) using AUTH/STARTTLS, the company's
user would in all essence be originating/relaying emails through the companys
SPF'd mail server in a nicely secure and proper fashion.
I do the same thing right now (still working on the webmail part). When I send
this email, I'm sending it from my mail server even though I'm using Netscape at
work 150miles away. The mail is relay'd via AUTH/STARTTLS. I have an SPF record.
Life is good.
On the other side, what are you referring to?
See yaz,
-Ben
More information about the MIMEDefang
mailing list