On Tue, Jan 04, 2005 at 08:30:06AM -0500, Scott Kitterman wrote:
I would strongly recommend domain owners set a policy that
avoids giving an
SPF pass to messages sent from sources that allow for cross-customer
forgery. This concern does not apply to properly secured MTAs under the
control of the domain owner.
Right. So you don't authorize poorly-run MTAs to send mail for you. Makes
sense.
Unfortunately, almost all shared MTAs that allow a "foreign" mail from are,
by your definition, poorly run. SPF is great for those who run their own
servers, but for those of us who pay someone else to do it and don't have
the volume for a dedicated box it is more problematic.
Sure. I was actually trying to agree with you that you should consider using
"neutral" rather than "pass", but I guess it didn't quite read clearly
enough.
*shrug*
Cheers,
Nick