Commerco WebMaster wrote:
[...]
While the above is how we tend to implement here, I am fairly sure
that the spec is a bit more flexible, in that the redirect could be
pointed outside one's domain zone, however, I don't immediately see
cases where that should be done.
[...]
The other case I can think of is when a domain publisher has a local
SMTP MTA they wish to authorize for their domain (their local SPF
record covers this), and also uses their upline ISP's server as a
"smarthost" or fail over server (their include covers this through
their ISP's SPF record).
Actually, I do this now for hosted domains on a single MTA. I publish
one SPF record on the server's domain and then redirect to that domain
from all the hosted ones. For me, this also keeps the relationship clear
regarding who owns the actual permission to send from that MTA, rather
than distribute that amongst all the hosted domain SPF records.
Bill