Why can't a spammer create many domains, and use an SPF record like this:
"v=spf1 +all".
There is a possible point for SPF developers here. Perhaps SPF checkers should
offer the option to kick out a flag or add a special header when they see a
+all
Seems like a +all, though formally a legal part of the syntax, is a pretty
clear indication that something is wrong. At the very most charitable, it
should be interpreted as an unknown.
Reminds me of the old hypothetical PDP-11 instruction Mov -(IP) -(IP).
Formally, a legal part of the (highly orthogonal) instruction set, but 1. Not
usually implemented and 2. producing a pretty bad (though amusing) result if
actually executed.
Mark Holm
mholm(_at_)medrad(_dot_)com