"Frank" == Frank Ellermann <nobody(_at_)xyzzy(_dot_)claranet(_dot_)de>
Frank> ............^^^^^^^ v=spf1 means MAIL FROM only, and
Frank> nothing else,
Actually, v=spf1 means a mandatory check on MAIL FROM, a mandatory
check on HELO when MAIL FROM doesn't contain a domain (which generally
boils down to just the MAIL FROM:<> case for all but the most liberal
recipients) and an optional check on HELO in other circumstances.
I would be quite keen on future work to allow MAIL FROM checks within
Sender ID (though now is the time to ensure that the versioning system
allows that in a clean way, not the time to spec that work).
I'm less convinced that merging HELO checks into Sender ID is the
right way to go. But now is not the time to discuss that, either (and
as CSV is a WG work item which adresses the HELO identity, we can have
that discussion once Sender ID is out the door).