-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I just had the same idea Frank had, so...
Chris Haynes wrote:
So my assertion is now that the _only_ time you can, with complete
integrity, collect and elaborate the entire SPF policy is during the SMTP
transaction.
Anyone disagree with that contention?
...no.
If so, please propose the rule we should include in the RFC to define for
how long after SMTP-time the test will still be valid, and justify your
proposal.
There should be no hard limit because, according to experience, few
policies vary over time. But we should warn that, strictly viewed,
policies are applicable only during delivery.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCh1htwL7PKlBZWjsRAsUfAKDHS0cy5tXB5w/ZFVsiD2qdpUaNFwCfeakJ
J+i2h8Mz68AkCP6yNH7orWA=
=H7hZ
-----END PGP SIGNATURE-----