On Wed, 25 May 2005 11:26:32 -0400, Bruce Lilly <blilly(_at_)erols(_dot_)com>
Also, the specific
recommendation of -all is at the heart of the fundamental problem that
the mechanism is hostile to mobile users.
I think the whole problem of forging senders' email addresses means that
the only effective ways to combat it ARE going to be 'hostile' to mobile
users who can't relay through their home mail server - or are going to
require message signing using certificates from approved authorities.
Maybe SPF (or something like it) should allow signed messages to
'override' SPF - so mobile users from domains can fall back to message
signing, without requiring that overhead for the majority of users who
either aren't mobile, or who relay through their home mail server (as we
do when we're mobile), so for whom the basic SPF will work effectively.