"David" == David <david(_at_)ols(_dot_)es> writes:
David> i don't feel that this is ok, spf enabling all their cable
David> users means that any zombie computer in this zone can start
David> forging their emails [...]
You're missing the point of SPF. SPF allows a domain owner to publish
their policy. It doesn't guarantee that you'll like their policy.
As I understand it from Nick Phillips's post above, BlueYonder's
current policy is that cable modem users are permitted to deliver mail
directly if they so choose. If that's the case then this SPF record
is a correct expression of their current policy.
Of course, they could change their policy (presumably by modifiying
their AUP), and some might argue that would be a good thing. But it
would be silly for them to publish an SPF record that _didn't_ reflect
their current policy.
But surely SPF shouldn't be in the business of making value judgements
about policies; it's just a syntax for expressing them. If you don't
like BlueYonder's policies, then lobby them for change, or simply
don't accept mail from them.
-roy