Meng Weng Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:
OK, I'd like to collect more opinions on this thread today
and then reformulate my position at the end of the day.
I think that SPF classic should be put forward as a standard as soon
as possible and leave Microsoft to "do their own thing". Microsoft has
only a minority of the MTA installed base, and most of the Microsoft
suggestions (including their patent application) seem more appropriate
for use in the MUA (where they do have the majority of the installed
base). So maybe it would be best to let the MTA perform SPF RFC2821
checking and have the MUA perform checking on the RFC2822 From:
etc. So I think that the two should be able to co-exist (and be
beneficial to the end-user to have both sets of checks) independently
and not require any co-operative development. In fact SPF could be
beneficial for the RFC2822 checking could use the Received-SPF header
generated by the MTA to obtain the IP address from which the mail was
received.