a forged email pass anyway
A forged email using a subdomain for which no SPF record exists will pass the
test checks against SPF fails, something which some spam-filters include, as
it's a cheap way to get rid of a chunk of spam. Such a forged email will NOT
"pass" SPF.
It is in theory possible that there is a incorrectly configured spam-filter out
there that gives you an easy ride if you use an SPF-less subdomain in the SMTP
envelope. I doubt this is the case, but if it does exist, please do tell its
developers to fix their filter.
I think is a misunderstanding of a huge part
of the operators
Is it? Have you evidence, even if it is only anecdotal, that such a
misunderstanding exists?
If so, as Dave said, we should consider writing better documentation.
Martijn.
________________________________
Virus Bulletin Ltd, The Pentagon, Abingdon, OX14 3YP, England.
Company Reg No: 2388295. VAT Reg No: GB 532 5598 33.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg