From: "Stuart D. Gathman"
Benefits:
- If applied *after* checking SPF classic, AND using records explicitly
authorized for PRA (spf2.0/spf1 op=pra), and NOT to SPF classic
records, *AND* the actual PRA validated is prominently displayed to
the
end user, then it helps prevent 2822 phishing for domains that publish
PRA
specific records.
Is a SPF1 record necessary for this benefit? Or can this benefit be
achieved using SPF2.0/PRA record? How will it differ?
If the following 2822 header is present:
Return-Path: ABC
Resent-Sender: DEF
From: XYZ
The PRA would be DEF. Why would this DEF display be prominent? Should it
be displayed along with XYZ which would be the normal FROM: field displayed?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com