Why large ISPs like SPF (the cynical view)

December 6, 2007

One of the peculiarities of SPF and related schemes is that many large ISPs are quite enthusiastic about them, especially free webmail places like Hotmail, Yahoo, and Google Mail. However, this enthusiasm rarely extends to blocking incoming email that fails SPF checks, although they are happy to encourage you to use SPF on your own mail.

The cynical view of this is that ISPs love the idea of SPF because it gives them more control over their customers. With SPF, their customers are not only tied to the ISP for reading their email, they are tied to the ISP for sending email too. This suggests why the free webmail providers are so enthusiastic; all of them show ads on their websites, so the more they can force users to use those websites the more they profit.

This may also explain why people are enthusiastic about SPF variants like DomainKeys that validate the message headers, since it gives them even more control of what users can do. (For most users, what matters is not their envelope origin address but what the From: header says.)

Sidebar: the less cynical view of DomainKeys

The less cynical view of why Google and Yahoo are behind signing the From: header instead of the envelope origin address is that they are smart enough to understand that in the real world, no one is using either SPF or DomainKeys to reject email in the MTA. If you're aiming at users instead of MTAs, the message headers are what really matter, and so authenticating them is the important thing.

(And you actually have a shot at persuading MUA authors to include optional DomainKeys checking, or at writing plugins to do it for popular MUAs.)

Last modified: Thu Dec 6 23:02:40 2007