2005-08-10 05:26:14
Stuart D. Gathman wrote:
On Tue, 9 Aug 2005, Daniel Taylor wrote:

I would say that this is the #1 reason for us to discourage the use of
?all records. People being people, the receivers will adapt to the
perceived reality of what the modifiers mean rather than the "book"
version of what they are supposed to mean.

With AOL and other frequently forged domains publishing ?all rather than
~all or -all the real meaning of '?' goes from neutral to forged in a hurry.

That's why a decent SPF checker will apply a NEUTRAL == FAIL policy
(or other adaptive policies) only to selected domains (e.g. AOL).

If it is important to send mail to defective SPF checkers, your best
bet is to get a PASS via SMTP AUTH/VPN/whatever - not to allow mass
forgery of your domain.

You are absolutely correct. But I firmly expect there to be a
significant number of off-spec SPF checkers out there, and much
as I love SMTP AUTH there will be domains for which it simply
isn't an immediate solution.
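
The per-domain NEUTRAL == FAIL policy discussed in this message, sketched as an added example; it is not part of the original thread and not code from any SPF implementation. The domain names, IP ranges, the `NEUTRAL_IS_FAIL` list and the action names are constructed placeholders, and the evaluator handles only the `ip4` and `all` mechanisms.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed records: example.* names and documentation IP ranges only.
RECORDS = {
    "bigisp.example": "v=spf1 ip4:192.0.2.0/24 ?all",
    "smallshop.example": "v=spf1 ip4:198.51.100.0/24 ?all",
    "strict.example": "v=spf1 ip4:203.0.113.0/24 -all",
}

# Hypothetical local list of domains this receiver sees forged heavily.
NEUTRAL_IS_FAIL = {"bigisp.example"}


def spf_result(record, client_ip):
    """Evaluate a record for one client IP (ip4 and all only, first match wins)."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        # A mechanism without an explicit qualifier defaults to "+".
        qualifier, mech = (term[0], term[1:]) if term[0] in QUALIFIERS else ("+", term)
        mech = mech.lower()
        if mech == "all":
            return QUALIFIERS[qualifier]
        if mech.startswith("ip4:") and ip in ipaddress.ip_network(mech[4:], strict=False):
            return QUALIFIERS[qualifier]
    return "neutral"  # nothing matched and the record has no "all"


def disposition(domain, client_ip):
    """Map the SPF result to a local action, tightening NEUTRAL per domain."""
    result = spf_result(RECORDS[domain], client_ip)
    if result == "neutral" and domain in NEUTRAL_IS_FAIL:
        result = "fail"  # adaptive policy, applied only to the listed domains
    action = {"pass": "accept", "fail": "reject"}.get(result, "accept-and-score")
    return result, action


if __name__ == "__main__":
    for dom, ip in [("bigisp.example", "192.0.2.10"),
                    ("bigisp.example", "203.0.113.9"),
                    ("smallshop.example", "203.0.113.9")]:
        print(dom, ip, disposition(dom, ip))
```

The two `?all` publishers get different treatment for the same unlisted sending IP: the listed domain is rejected, while the unlisted one keeps the specified neutral handling.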

