-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark wrote:
Also, considering the above, I would like to point out, that finding a
mechanism by which the MTA can tell the receiver it is patched against
cross-user forgery, is in itself no sinecure. Because the receiver would
have to be able to make the determination whether such mechanism itself
were authentic.
Such a mechanism, if it was part of the SPF record, would be authentic by
definition because it would be under the direct control of the domain
owner (who controls the SPF record).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFCn33KwL7PKlBZWjsRAt9OAKDmwE0UURjOVK+uiWsnNLzfj3F5fgCgu5Yr
aDa3ug30x8C6lTqsS8IOXyo=
=Dbam
-----END PGP SIGNATURE-----