March 26, 2008
10:30 p.m.
Jo Rhett wrote:
On Tue, March 25, 2008 2:33 am, Julian Mehnle wrote:
You can however safely send a DSN if an SPF[1] check for the incoming message passes.
That's not "safe" but perhaps "safer". But a lot of sites can't use SPF so they either don't use it, or use soft-fail. I would only trust SPF results from explicit matches and PASS.
There are two parts to SPF: publishing SPF records for one's domains, and checking SPF on incoming messages. Everyone can do the SPF checking part, even if they cannot publish SPF records themselves for whatever reason. SPF's alias-style forwarding issues aside, "Pass" results, when achieved, are perfectly reliable and accurately indicate that the envelope sender address can safely be bounced to.