On Mar 26, 2008, at 3:30 PM, Julian Mehnle wrote:
There are two parts to SPF: publishing SPF records for one's
domains, and checking SPF on incoming messages. Everyone can do the SPF checking part, even if they cannot publish SPF records themselves for whatever reason. SPF's alias-style forwarding issues aside, "Pass" results,
when achieved, are perfectly reliable and accurately indicate that the envelope sender address can safely be bounced to.
I was part of the original SPF working group, you're singing to the
choir.
But for various reasons many organizations publish wide-open SPF
records, and right or wrong those people will still report
backscatter to the blacklists.
--
Jo Rhett
Net Consonance : consonant endings by net philanthropy, open source
and other randomness