-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David MacQuigg wrote:
Stuart D. Gathman wrote:
It has already been pointed out that SPF records could list addition
identity checks supported as a modifier (useful if you always check
SPF first).
A sender not using SPF will not have any SPF record, even one telling us
what other identities to check.
Senders do not "use" SPF, domain owners do.
What if the owner of the example.com domain actually used SPF, but the
sender, who wants to abuse the example.com domain, says "ID none" (or
doesn't say "ID" at all)? What's the receiver supposed to do then?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCj2hCwL7PKlBZWjsRAuB5AKC6o/eahtQnoTgv16Cyd5xU3YX7RACffxA1
piJLwCXL7TyMRcEcbQ0WLXM=
=WW5Q
-----END PGP SIGNATURE-----