David Brodbeck wrote:
AccuSpam wrote:
However, consider that supporting "-all" for SPF (in order to give
SPF similar anti-forgery power) for all domains is also going to
require upgrades to all MUAs in order to integrate with many
different flavors of SMTP authentication at many different servers.
Most server software supports SMTP AUTH, though it isn't always
switched on. Most clients also support SMTP AUTH. There's no need to
support multiple systems. The only other common system I'm aware of
is POP-before-SMTP, but that's pretty crude and I'm not sure it really
counts as authentication. It doesn't require any special MUA support,
though. ;)
I agree. I don't see this as an issue. People that aren't using SMTP
AUTH are just plain crazy IMHO. I have had it set up on my systems for a
good long time.
What is troubling is that a _widely_ used client doesn't like to AUTH
with a decent mechanism. At least it does SSL.
Best Regards,
Waitman Gobble