David MacQuigg wrote on Wednesday, December 06, 2006 8:25 PM -0600:
Maybe we should try -all for a while, and see what problems crop up.
Since so few recipients currently reject on SPF fail, that is fairly
safe and you will know if there is a problem. I suggest that you
consider adding ?include:raytheon.com when you change to -all, so your
Raytheon customers don't get SPF fail. The next step is to turn on SMTP
AUTH over port 587 and transition your remote users to that submission
method. Once all your users are changed over, you can remove the
?include:raytheon.com and then be free of any worry they will send spam
with your domain name. The other advantage of SMTP AUTH is that other
users on the Raytheon network will not be able to send mail forging your
customers' identities that will be accepted by SPF checking recipients.
--
Seth Goodman
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735