Dave Crocker wrote:
I set the rfc2822.From field to be my address.
All of the messages from those situations would be assessed
an "unauthorized" and therefore would be falsely rejected.
That could be one of several known "Sender ID" PRA bugs, with
SPF that's not possible unless somebody screws up: Either your
policy is wrong, or the receiver does something very stupid
like (ab)using your MAIL FROM instead of his own in a forward
to a 3rd party.
SMTP used to work before RfC 2821, and it will soon work again
thanks to SPF. SPF is the reinvention of "source routes" for
a "responsible" return path. Funny, but if it works, why not ?
BTW, that's something I miss in your mail-arch draft, it does
not cover the 251 and 551 cases in conjunction with forwarding
to third parties. William proposed the term "redirection" for
this kind of forwarding.
Bye, Frank