One of the basic assumptions that Shelby is making is that it is acceptable
for a user to type in any From: address they like when using any ISP - his
own or another while on holidays, etc. Someone correct me if I am wrong,
but this is one of the main problems with e-mail today. E-mail was never
designed to cope with what it's doing now, which is why there's so much
mis-use and subsequent re-designing, patching, etc, going on, but it would
be a very good thing if all ISP's could agree to a standard of no "external"
domains being used through their server and a specific date to implement it.
That gives everyone time to warn their clients and sort out any bad habits
that have crept in.
I use PHP webforms, and I am considering my position very carefully. I can
add all the headers, and I have to make sure that the server sending the
response mails are correctly identified to be spf compliant. If anyone has
done this already, I'd appreciate some input ;-)
Slainte,
JohnP.
johnp(_at_)idimo(_dot_)com
ICQ 313355492