Would there be value in an mechanism extension for specifying that mail
is delivered over TLS?
"v=spf1 tls default=deny exp=Mail from %s must be transmitted using TLS"
(Obviously a server that doesn't advertise TLS would have to disregard
a "tls" rule.)
Possibly this could be enhanced with some reference to the key/cert
used? (Certificate stored in DNS? SHA1 fingerprint?)
--
Lee Maguire <lee(_at_)hexkey(_dot_)co(_dot_)uk>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡