On Tuesday 13 January 2004 2:56 pm, wayne wrote:
Well, "no risk" is not 100% true. SPF doesn't eliminate *all*
forging, only the forging of the domain name. An AOL user could still
forge other AOL users' email addresses. That is, of course, if AOL
allows such things.
Hmmm.. a matter of interpretation I suppose. One *could* argue that mail from
'user(_at_)domain(_dot_)com' that passes an SPF check is _by_ _defintion_ from
that
mailbox. If a human who thinks he is or should be uniquely associated with
that mailbox does not like having insufficient control over mail sent from
it, it is an issue between him and the domain owner.
Still, this is one of the things I really like about SPF. A lot of
the bogus email (non-commercial UBE) is things like bounces, email
worms, and email worms that have been "processed" by anti-virus
systems.
Agreed
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡