After examining Microsoft's CallerID proposal in more detail, it is my
opinion that any system which attempts to reject/return mail after the DATA
phase is inherantly flawed.
I base that opinion on the thousands of attempted bounces that we have
received from the biggies (AOL, Hotmail, Yahoo, MSN etc) because of spoofed
return addresses. Bandwidth and CPU consumption may not be a concern to
Microsoft, but I firmly believe that an MTA should spend it's time and
resourses doing what it was originally intended to do (deliver mail)
instead of fighting abuse. The bulk of email rejection should be done
before the DATA phase using whatever resources can be made available. SPF
is structured such that it can become one of those resources, and CallerID
is not.
J.A. Coutts
Systems Engineer
MantaNet/TravPro