It's *very* hard to mess with the SMTP protocol - it should be avoided
as much as possible, since only a miniscule fraction of email admins
will implement such an idea (not to mention - not all SMTP code is
going to even *have* updates to handle this)
I totally agree, which is also why I was shocked about Meng's new
attitude towards this - on the other hand, if Microsoft and SPF join
forces on this, and Microsoft puts their marketing behind this, it could
really decrease the world society's costs of handling e-mails and virus.
I just hope that Microsoft didn't put too high expectations into Meng's
head - most people don't want to mess with their e-mail systems, and
Exchange 2000 mail servers will still be around 4-5 years from now in
many businesses.
missing even just one real email can mean life-and-death
(literal, or just business/reputation) to some of them, so creating
anything that is going to cause this should also be avoided.
I don't agree here - it's up to the companies to define how they want
their e-mail handled. Some companies would fire the CIO if the CEO
doesn't get an e-mail because of a misconfigured SPF record, whereas
other companies would reject all non-SPF-PASS e-mails to the CEO or
forward them to his/her secretary.
Any plan, that requires everybody to do something, will fail. That's
life.
Lars.