Just a quick follow up comment to my earlier message after
reading Mark’s note.
The suggestion of allowing for:
"v=spf1 => test only SPF/MAILFROM, and v=marid1 => select
the SPF tests you like today."
does permit legacy solutions.
However, it also allows as Mark suggests non RFC compliant
sender’s to play games and chose the best algorithm to
inspect their message for their own purpose. Tilt.
Not a good idea as this leaves open a security hole.
It needs to be sender publishes a record. Receiver chooses
which data from the record to check.
If we are going to change the version string from v=spf1 to
v=marid1, then it seems to mean no backward compatibility.
John Glube
Toronto, Canada
The FTC Calls For Sender Authentication
http://www.learnsteps4profit.com/dne.html
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.734 / Virus Database: 488 - Release Date: 04/08/2004