While I understand that this system will allow supporting domains to
validate if the email came from my systems and block receipt without
generating a bounce message to me, I'm not sure how it deals with bounce
messages from non-supporting hosts.
E-mails are e-mails - you can't rely on SPF to block forged e-mails if the
sender doesn't publish SPF records. Until the day, where we can enforce SPF
records for e-mail delivery (which is hopefully in a not too distant future),
SPF can:
- Help filter out some e-mails with forged senders
- Be used in spam e-mail evaluation systems like spamassassin
- Be used to increase the trustworthiness of e-mails from a certain domain,
especially between two parties that know, that both have published SPF records
and use SPF-based filtering. Trust can be used for whitelisting etc.
Lars.