Earthlink CTO Tripp Cox to ComputerWire: “We saw a significant number of false positives. We felt it was safer to publish no record at all than to publish one that may be misinterpreted.”

Cox is rejecting Sender Policy Framework (SPF), a way to use DNS records for confirmation of a sender’s identity. Over the last couple of years the basic DNS-authentication idea has morphed into several modestly different methods, each with its own high priests and apostles predicting the end of mankind if competing proposals are adopted.

(Meanwhile, the background chorus wails ever louder,”Do it! Do it! Do it!” Unfortunately, nobody knows which “it” to do.)

Earthlink isn’t alone. Hong Kong’s 37 million-mailbox-provider Outblaze bailed. MX Logic, too. So what do these firms know that Microsoft, Yahoo, Cisco, et al., don’t? Perhaps it’s the company they keep.

All three are members of the Messaging Anti-Abuse Working Group, (MAAWG) a club that is (decidedly unenthusiastic about quick adoption of SPF and Sender-ID.

As MAAWG member John Levine notes in CircleID:

“Nobody’s waiting for a perfect solution; we’re waiting for a solution that doesn’t cause more problems than it solves. SPF and Sender-ID have been grossly oversold. If you already have a list of domains from which you know you want mail and that send all their mail from fixed places (well-run E-mail Service Providers, mostly), SPF is a fine way to track the IP addresses those domains use. AOL uses SPF for that purpose.

“But that’s it. It’s not an anti-spam system… and for mail from anywhere other than an ESP, it fails too often to be useful. That’s why people who have tried it out aren’t using it any more.

“I really wish people would think more about reputation systems, since authentication systems, be it SPF, DKIM, or S/MIME are nearly useless without them.”

As we’ve told you for the last couple of years… unless you have a lot of time on your hands, you may want to wait till the dust settles.