Matthew Elvey writes:
We still use EHLO to select the domain to authenticate;
we ditch the PRA and SRS. So our friends you were
talking about DON'T HAVE TO DO ANYTHING! The big
German hoster just has to make sure that the EHLO its
server sends out is a domain that has an SPF record
that validates its IP (and reputation/accreditation).
SRS doesn't need to be deployed! In my proposal, most
domains DON'T NEED new DNS records AT ALL. (And none
of this RFrom stuff is necessary either.) Near lightning-
fast deployment is feasible. And we're still providing
and using M.A.R.I.D. effectively.
It all sounds good except for one small fact: Knowing that an MTA is
who he says he is does nothing to help you know whether he's authorized
to send you the mail he's trying to send. For that, you PRS and all the
rest.
-- jimbo