On Mon, Apr 26, 2004 at 08:29:00AM +0200, Roger Moser wrote:
| > If the domain does not exist (NXDOMAIN) an SPF client MUST return
| > "unknown".
|
| This will make the spammers and virus authors happy. Now they simply have to
| use a return-path with an non-existing domain, and their spam or virus will
| be delivered.
I'll see your section 3 and raise you a section 8.3.
SPF is only one component in a policy engine. An SPF-conformant SMTP
receiver is NOT REQUIRED to perform SPF tests on messages whose
dispositions have already been decided on the basis of other policy.
Example 1: if an SMTP receiver requires that sender domains must
possess MX or A records, and rejects transactions where they do
not, then SPF tests are moot.