Martijn Grooten <martijn(_dot_)grooten(_at_)virusbtn(_dot_)com> wrote:
A forged email using a subdomain for which no SPF record exists will
pass the test checks against SPF fails, something which some
spam-filters include, as it's a cheap way to get rid of a chunk of
spam. Such a forged email will NOT "pass" SPF.
There is no way for the owner of the overlying domain (who also owns
the subdomain) to force such email to FAIL. There should be a way to
specify "all valid email from this domain and subdomains comes only
from this set of IPs and no others" and SPF fails to provide one.
That's a weakness in the structure of SPF which ought to be fixed.
Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg