On Tue, 2004-11-23 at 10:02 -0800, Greg Connor wrote:
I agree with that. Nobody should implement SPF without a lot of testing,
analysis, introspection, navel-gazing, talking, announcing, more talking, etc.
... and possibly also ditching the whole silly idea and implementing
something DK or IIM instead? :)
What I have mostly been advising people (those few who actually ask me) is
that they should set up SPF records to describe how mail is really sent. If
they can really say for sure that all mail is sent through their known
servers, they should write -all; if they can't say for sure, they should write
?all, or possibly write an exists: clause that logs queries to a file and then
analyze the data and decide for themselves.
I agree wholeheartedly. With the caveat that you should be entirely
clear that in today's world they almost certainly _cannot_ say for sure;
hence they should almost certainly either use '?all' or an exists:
clause.
--
dwmw2