On Wed, 2005-07-06 at 15:50 -0400, Stuart D. Gathman wrote:
BATV and SES are great too. I use SES to block forged bounces. I don't
currently use them for authentication because of the replay problem, but I am
open to solutions (like message body hashes), and have spent time on the SES
project.
I'm confused by that. There are a large number of people who won't use
SPF because of false rejections caused by the forwarding problem. Many
many recipients won't ever use SPF. Yet you think the vanishingly small
chance of a signed reverse-path being harvested is _more_ relevant?
--
dwmw2