On Tue, May 17, 2005 at 02:00:02PM +0200, Julian Mehnle wrote:
None of the reasons you have or could have given can negate my point, ever.
He who uses "?" in his SPF record doesn't care _enough_ about his domain
not being abused, because that way one will never be able to detect all
forgeries with certainty. Of course there may be valid reasons to accept
this issue. It is a matter of weighing the advantages and disadvantages.
He who uses any SPF record cares enough about his domain to setup
a record. Using "?" does not imply he's lazy, uninterested or
<insert any other negative word here>.
While I do agree one doesn't need to use "?<shared-host-here>",
I stongly disagree with your statement. Apply the golden rule
here: maximum result with minimal effort. If someone wants to
use "v=spf1 ?a:example.com -all", that's fine with me. Should
a user of example.com forge email, then this user can be tracked
much more easily than a random user somewhere included in "-all".
This is a valid policy: Let me handle abuse at example.com and
do not trust the rest of the world.
Alex