Scott Kitterman wrote:
I think they do encourage v=spf1. That was presumably part of
Meng's "Deal with the devil".
Random thought: A "registered path" (i.e. IP) permitted to send
MAIL FROM the domain sould normally also be permitted to send a
PRA, for the PRA = MAIL FROM cases (e.g. 2822-From = 2821-From).
If that's correct the set of IPs permitted for MAIL FROM is the
same set as for PRA, or a proper subset of IPs permitted for PRA.
If somebody can determine the (potentially larger) PRA-set, and
publishes it as v=spf1 MAIL FROM set it should work, because it
should contain the (potentially smaller) MAIL FROM set of IPs.
The problem is "can determine" and "can publish", otherwise we'd
simply do it. For scenarios like moderated newsgroups or Sympa
mailing lists etc. etc. "can determine" can be difficult - e.g.
I've no clue how news.clara.net submits news to moderators, and
I never tried to figure out which IPs are used by a Sympa list
I read (directly, not via GMaNe).
And "can publish" is an illusion, maybe I could somehow convince
claranet.de that they should add IPs related to news.clara.net
to their SPF policy, but they've absolutely nothing to do with
this Sympa list (and none of their other customers reads it, as
far as I know). Like I don't read any Yahoo! groups, and would
not want an SPF policy where anything remotely related to Yahoo!
is "permitted" to send MAIL FROM xyzzy.claranet.de
Frank
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com