Since a few days, I check for SPF records at the MTA, and I noticed one
particular issue. I'm not sure whether the drafts (-submit) are the
right place to mention this issue, or whether some BCP would be appropriate.
I've encountered a number of ISPs where users are unable to do outbound
connections with dst port 25, but are limited to the ISPs Smarthost.
Although I haven't seen it yet, but I suspect that Port 587 as per RFC
2476 (Message Submission) may be blocked as well if it's use is adopted
more widely.
Obviously, that is pretty efficient to stop certain categories of junk
(-sources), and is generally not an issue, if the Smarthost allows
arbitrary 821/822 From's.
However, with strict SPF (or SenderId) checking, this /does/ become an
issue, since a domain owner will most likely not add some random
Smarthost to the list of designated mailers.
-submitter mentions the use of SUBMIT briefly, but maybe the
implications of the (how common?) blocking of dst port 25 should be
mentioned.
-- Matthias
PS: The naming of SUBMITTER vs. SUBMIT protocol is somewhat confusing.
--
Brain-Log http://matthias.leisi.net/