"terry" == <terry(_at_)ashtonwoodshomes(_dot_)com> writes:
terry> I agree to move on, but 1 quick note re adoption, those
terry> that implement spf will suffer significantly less
terry> backscatter, because backscatter from the wrong mta will be
terry> rejected.
I think you're mistaken. Backscatter generally comes from legitimate
MTAs (as you point out, spammers/viruses themselves don't bother to
generate bounces).
When a forged message transits a legitimate MTA, and that MTA is
unable to deliver (receives a 5xx for whatever reason) it generates a
bounce. This bounce is from <>, so SPF will check the HELO. Being a
legitimate MTA, it includes its legitimate name in the HELO string.
The bounce will pass an SPF check.
I say again:
SPF does not prevent backscatter (at least not unless every MTA on the
planet adopts it).
The backscatter issue does not consitute an argument against
proceeding with the work on Sender ID and CSV (the WG's current work
items) though both will result in backscatter to some extent.
-roy