spf-discuss

Achilles heel of SPF

2005-06-22 10:24:48
While the actions of Microsoft are morally wrong, they expose the Achilles
heel of SPF classic:  The system depends on receivers correctly
interpreting the published SPF records.  The Microsoft deployment is in
essence a very broken SPF checker that seems to be confused about which 
identity is being checked (and it wouldn't surprise me if it has other 
serious problems as well).  

When any receiver checks SPF incorrectly, whether it is using the wrong
identity à la Microsoft, or failing to account for forwarders like so many
others, a sender is often forced to resort to tweaking his SPF record if
he needs to get mail to the broken recipient.  (Although in the case of 
broken forwarding he can usually get the target email from the DSN and use 
that instead.)

If it is a small company, you can usually call them on the phone and 
explain the problem, and they will fix it.  In the case of Microsoft, the 
error is intentional and malevolent - a phone call is useless.  Are there 
enough people prepared to write off hotmail.com as a viable rcpt to?  Or 
has MS just slain Achilles?  

Actually, if enough people contact hotmail support every time their broken 
implementation causes a problem, it might eventually have an effect.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
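
The two receiver-side failure modes named in the message above (checking the wrong identity, and not accounting for forwarders), as an added example that is not part of the original post. It assumes the "wrong identity" is the From header domain; all domains, addresses and records are constructed, and the evaluator handles only the ip4 and all mechanisms.

```python
import ipaddress

# Constructed SPF records using documentation domains and address ranges.
SPF_RECORDS = {
    "list.example.org": "v=spf1 ip4:192.0.2.0/24 -all",
    "author.example.com": "v=spf1 ip4:198.51.100.0/24 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(ip, domain, records=SPF_RECORDS):
    """Evaluate a minimal SPF subset (ip4 and all) for one identity domain."""
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:") and addr in ipaddress.ip_network(term[4:]):
            return QUALIFIERS[qualifier]
    return "neutral"

def domain_of(address):
    return address.rsplit("@", 1)[1].lower()

# Constructed case 1: a mailing list relays a post from its own server,
# with its own bounce address in MAIL FROM and the author's From header.
LIST_POST = {"client_ip": "192.0.2.25",
             "mail_from": "bounces@list.example.org",
             "header_from": "alice@author.example.com"}

# Constructed case 2: a plain forwarder relays the author's mail from its
# own address (203.0.113.7) and leaves MAIL FROM untouched.
FORWARDED = {"client_ip": "203.0.113.7",
             "mail_from": "alice@author.example.com",
             "header_from": "alice@author.example.com"}

def envelope_check(msg):
    """SPF classic: the identity is the envelope MAIL FROM domain."""
    return check_spf(msg["client_ip"], domain_of(msg["mail_from"]))

def header_check(msg):
    """Assumed broken receiver: applies the same record to the From header."""
    return check_spf(msg["client_ip"], domain_of(msg["header_from"]))

if __name__ == "__main__":
    print("list post, envelope:", envelope_check(LIST_POST))
    print("list post, header:  ", header_check(LIST_POST))
    print("forwarded, envelope:", envelope_check(FORWARDED))
```

The list post passes when the record is applied to the identity it was published for and fails when it is applied to the header; the forwarded message fails even under a correct envelope check, which is the forwarding case the message mentions.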

