Re: SPF and Google Groups (sending on behalf of)

Alex van den Bogaerdt wrote:

> In either case: I feel we should draw a line.  The SPF
> policy is good? The sending host is authorized?  Then
> it is not an SPF problem.

Alex, the users don't care *whose fault* it is when they
have a question, they want to know what is wrong.  That
user actually wasn't sure if something is wrong, or if
this might be a problem on the side of googlegroups.com
or the original sender.

Analyzing header fields was not his profession or hobby,
otherwise he could have answered his own question.  If
you tell him "go away, this is a SenderID PRA problem,
ask the SenderID folks why they use X-Sender" it misses
his points - besides SenderID folks would tell him that
this is bullshit.  

I can't tell if "SenderID folks" talking with ordinary
users exist, and it's perfectly understandable that you
don't like to deal with SenderID issues.  Like I don't
deal with confidential help requests using "topic: the
SPF Web site", about one per week.  I've reported that
the contact form doesn't do what the source code says,
I've tried to approve SPF questions on the Webmaster
list, and got pushback for that.  Now I mostly ignore
help requests with "topic: SPF Web site", confidential
or otherwise.  See, I also draw a line, it is just not 
exactly the same line as your line.

> I'm willing to appreciate the need to point people to
> that well known bandaid (adding a "Sender" header)
> although I think that's already dubious.

Yes, it is dubious.  IMO it deserves a clear hint whose
fault that is, even if users don't care whose fault it
is or was.  At least they should know that it is not an
SPF problem.  Nevertheless it is their problem with SPF,
they are not talking about spf2.0/pra and its variants,
nobody including the SenderID wizard uses that.

 Frank