Hello,
The only reason I am interested in SPF is to decrease my spam reception.
Agreed. Senders do not have much motivation, only receivers of forged spam do. That is
another reason why widesread SPF "-all" will not happen.
I don't think SPF will decrease "spam reception". *At all.* The only
reason I like it is that it gives domain owners a "say" in what machine
sends email using your domain name. And the TXT record can be configured
by any domain owner. There are no "lists", no "central database", you
don't have to pay someone to be a member of some group. IMHO SPF is
completely elegant in what it aims to do.
In fact, the implementation I built for my servers allows spam through
even if it fails other common tests, if the SPF check result is valid.
I think that an SSL kind of scheme where the first SMTP server (after
AUTH) injects a header with the to, from, and subject encrypted by a key
traceable to a recognized authority would reduce spam somewhat, if SMTP
servers only relayed/sent mail with valid signatures. But there is a
good deal of overhead involved in that. But that sort of thing would be
practically transparent to the end user, and still provide some sort of
anonymity. And it is a thing one could choose to implement or not implement.
I am certain there has to be some sort of project already going that
functions similar to this idea.
Best Regards,
Waitman Gobble