In <NGBBLEIJOEEEBMEIAPBKKENJFNAA(_dot_)scott(_at_)kitterman(_dot_)com>
<spf(_at_)kitterman(_dot_)com> writes:
Does anyone have a better definition of "large segment" or other
concerns about this kind of option?
One theme that I have seen repeated on this and the related lists is the
idea that SPF results should be deterministic.
I strongly agree, the SPF result must be consistent.
That doesn't, however, rule out local policies that use the SPF checks
or SPF records to do other filtering. Just don't say the email is
being rejected due to the SPF result.
Personally, I think it goes to far. I believe that the main purpose of SPF
is to prevent forgery and identify responsible parties for e-mails, not spam
filtering. If someone publishes a record like you've described, then
they've signed up to be responsible. Then we go hunt them down and give
them the fate the spammers deserve (insert local policy here).
Yes, we must acknowledge that there will be people who strongly object
to SPF (hi David!) for either technological reasons of for
philosophical reasons.
In the latter case, consider someone who feels that it fundementally
limit where an email claiming to be from their domain is sent from.
They may want to "opt out" of all the DNS lookups that SPF creates by
publishing "v=spf1 +all" with a long TTL. This is the domain owner's
right to say!
Local policies are our friend.
-wayne