This is a multi-part message in MIME format.
SPF _cannot_ validate that the sender of that message was
indeed the claimed sender.
SPF does not publish whether the domain owner prevents forgery of e-mail
addresses within the same domain, but that's not what SPF is around to do.
Please regard SPF in context with what it's trying to do. SPF is not trying to
save the world - actually, it allows a certain degree of freedom in how to
handle your e-mail systems, both technically and administrative.
The more you want to check, the more complicated it gets. SPF was designed for
a simple task, and can therefore be kept simple. There are many parameters in
handling e-mails:
If you want to be 100% sure identity of a sender, you will need digital
signatures, and you will need certificates to ensure that the digital signature
actually belongs to the identity that you expect. If you don't trust
authorities, don't get your signature from such one. If you want to communicate
with digital signatures with authorities, you will need to get your signature
from such one.
If you want to kill spam 100%, you will need to define "spam" extremely
precisely. Please note, that e-mails on this list is spam to some people, if
they aren't clever enough to find out how to unsubscribe to the list. Good
spamfilters should be able to filter away e-mails from this list for those
people, while letting it through to other people.
If you want flexibility in your systems, you should not set any restrictions on
which servers may send which e-mails etc.
If you want to guarantee e-mail delivery, you should not bounce or filter away
any incoming e-mails.
If you want an e-mail server with no significant load, don't put any
spamfiltering techniques on the server, that makes network lookups (like RBLs,
SPF etc.) or uses CPU (bayesian filtering).
If you want a real-life e-mail system for many people, you will have to
compromise. What you are doing, is to describe some characteristica of some
technologies - but this doesn't change the fact, that SPF will benefit a lot of
e-mail systems at a low cost, and is even able to give the early adopters
immediate and remarkable benefits.
Lars.