On Thu, 28 Oct 2004 14:46:20 -0600, Robert Barclay
<robert(_dot_)barclay(_at_)returnpath(_dot_)net> wrote:
If this is really the case then PRA would do nothing to stop phishing
nor would it protect the 2822 From:
Yes, but this is indeed true based on the published PRA algorithm. This
exact point was one of the more common complaints about SenderID in the
MARID discussions. The PRA protects whichever header is the one that
comes out of the PRA algorithm.
I absolutely agree with you Robert. If PRA checking were performed
under SPF2.0/PRA where people published their records accordingly I
wouldn't be as concerned.
The problem is that unpredictable outcomes are created for people who
published SPF1 records according to the SPF1 requirements in good
faith.
Mike