Meng Weng Wong wrote:
This is all part of cost-shifting from receivers to
senders.
[...]
we have a strong economic argument that old MUAs and
old smart hosts will just have to upgrade.
ACK, I certainly agree, but it introduces something new:
Without your no-MX-rule anybody not interested in SPF
and RfC 2476 could simply ignore it. It was voluntary,
no policy no problem as long as no worm and no spammer
forges addresses of the domain in question. When the
bounces come even a clueless user will learn to jump.
With your no-MX-rule users are forced to do something
before they were hit by the problem. They won't like
it, and therefore it should be clear that the problem
is not SPF but some old MSAs ignoring RfC 2476.
One of my ISPs is a (weird) real world example: Most
users send mail with the normal smart host, and this
mailer fixes the MAIL FROM and even the From: header
based on RADIUS.
The same ISP also offers a "SMTP relay" (for a small
monthly fee) where the MAIL FROM is _not_ fixed. I'm
very curious how this ISP reacts, selling the chance
to get a SPF FAIL would be a funny business model.
Bye, Frank