Add my name to those that disagree with you. I have "-all" in my SPF
records because I am confident that all legitmate business related
emails from my company will be sent from the servers specified in my SPF
records and none others. If recipients are concerned about the
possibility of missing some email due to greeting card companies and the
like, they can use a whitelist for those. Otherwise, being in the
banking industry, I am much more concerned about stopping forgeries than
I am about permitting online greeting card emails.
David Woodhouse wrote:
Each of the mailfrom and pra scopes make flawed assumptions about
forwarding practice, and it would be necessary for uninterested
forwarding sites to modify their behaviour in accordance with any new
RFC.
Sites would need to modify the SMTP-reverse-path, or add a new header to
conform with mailfrom/pra respectively.
The use of '-all' in any such record makes the assumption that
forwarding sites have _already_ upgraded. This is not realistic -- the
date of publication would in effect be a 'flag day'.
We should avoid such an occurrence. The first publication must prohibit
("MUST NOT") the use of '-all' in records of either scope until such
time as it is later decided that the Internet as a whole is quorate with
respect to whatever reverse-path/header modification is required for
each.