--- In thunderbird-spf@yahoogroups.com, Joshua Tauberer <jt@...> wrote:
>
> invisibilldotnet wrote:
> > > Okay, great, thanks for the info. I think I'm going to include
that and
> > > dnswl.org in the next update. For dnswl.org, when they report
high or
> > > medium trust level (and when SPF also passes), the extension
will say
> > > "High Trust" or "Medium Trust". I'm not sure what message to
use for
> > > Sender Score Certified. "Medium Trust"?
> >
> > I personally vote against this. I use this extension simply because
> > all it does is SPF checking. If you want to turn it into a full-blown
> > anti-spam solution, go ahead and add DNSWLs, and you might as well
> > throw in DNSBLs too.
>
> DNSBLs have been in the extension for a while now!
>
> But, the goal of the extension is to provide a tool against phishing
> (not a mere SPF checker), and while SPF gives you authentication, it
> doesn't tell you whether the sender is trustworthy. I'm not adding
these
> because they help identify spam, but rather because they help identify
> domains sending SPF-passing mail that are nevertheless malicious
(domain
> look-alikes, for instance). Whether white lists are actually helpful at
> this is yet to be seen, but judging from the blacklists (SURBL and
> Spamhaus), I expect it'll have *some* value.
>
> As for whether DNSWLs are going to become vindictive and arbitrary ---
> at that point, I can take them out of the extension. That's why I asked
> the list about SSC. Until then, so long as they're useful for
> identifying phishing, I think it's a plus to include.
>
> But, yes, there will be an option. There is an existing option to turn
> off the DNSRBL checks, and that option will be co-opted to turn on and
> off all of the white list checks too.
>
> --
> - Josh Tauberer
>
> http://razor.occams.info
>
> "Yields falsehood when preceded by its quotation! Yields
> falsehood when preceded by its quotation!" Achilles to
> Tortoise (in "Gödel, Escher, Bach" by Douglas Hofstadter)
>
Would it be more advantageous to include 'separate' options for each
of these, allow the end user more flexibility on which checks they
would prefer to include?

Or would that be more of a logistic nightmare than you want?