Scott Kitterman wrote:
It has been brought to my attention off-list that some
consider my postings here inappropriate.
Oops, I considered the long thread with you and Doug as very
interesting, it explained parts of the philosophy behind this
idea. And "spammers will just sign whatever they want" should
be a major part of the threat analysis. No big deal if they
sign forged mails "from" me, less funny if they sign forged
mails "from" paypal.
For a similar (almost) fatal SPF PASS misinterpretation see
ietf-dkim mailing list