spf-discuss
[Top] [All Lists]

Re: bad advice: Please stop publishing -all it isNOT time yet

2004-06-14 02:14:10
On Mon, 2004-06-14 at 11:02 +0200, Roger Moser wrote:
David Woodhouse wrote:

Unless you can truthfully state that mail from your domain will never be
sent to a third-party address which is forwarded without SRS, then
'-all' doesn't accurately reflect your situation either.

If you sign all envelope senders and you have set up a custom DNS server to
check the signatures by using the 'exists' mechanism, then you can have
'-all' in your SPF record.

Heh. True -- that's a cunning approach to work around the fact that some
people can't be bothered to do sender verification callouts to check
addresses are valid, but some of those same people _do_ bother with SPF
:) 

Likewise I suppose '?1.2.3.4/0 -all' would be reasonable, if that's
actually permitted :) But you know what I meant. 

-- 
dwmw2


<Prev in Thread] Current Thread [Next in Thread>