Chris Haynes wrote:
1) There is a 'vanity' domain. All its mail is sent via the
MX servers of its MSP 'example.com'.
2) The MSP's MX servers do not prevent cross-customer
forgery.
3) Anything from anywhere else on the internet was certainly
not authorised by the vanity domain..
What policy _would_ you recommend in the above scenario?
`nslookup -q=txt xyzzy.claranet.de` ;-)