On Tue, 2004-12-07 at 16:29, Douglas Otis wrote:
Clarification of a clarification...
The word validation with respect to SPF is a bit vague. A more accurate
term would be authorization. The lack of assurance of intervening nodes
making a consistent check or their security removes assurances as to the
originating sender. It would be better said that SPF validates the
authorizations provided by the [purported] originating sender. Although
authorization may be sufficient to assert favorable accreditations,
authentication is required to hold a domain accountable for abuse.
-Doug