What about educational institutions? If we want to have this debate again
(this horse just won't die), you need to look at more than your
publicly-traded Fortune 500 companies.
That said, I don't really want to resuccitate this horse... But I have
argued in the past (see the archives) and will argue again that there are
many legitimate reasons why someone would need to use a
non-domain-owner-provided SMTP server in cases where the domain owner's SMTP
follows the old "relay for your local IPs" model. Such a domain owner could
not, without severely inconveniencing some people (many of whom are at the
bottom of the organizational food chain), deploy SPF without reconsidering
how people in this "grey" zone use email.
Replace the old SMTP server with one that has some form of
authentication (pop-before-smtp, sasl) and make it world-visible. Or
have the users drill an ssh-hole through the firewall. A Linux box
with postfix and sshd on it, combined with some iptables knowledge is
all that's needed to create a solution for cases like this.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki:
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/HomePage
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡