2 Dec
2009
2 Dec
'09
10:52 p.m.
On Wed, 02 Dec 2009 12:38:54 CST, Chris Owen said:
On Dec 2, 2009, at 12:31 PM, Rich Kulawiec wrote:
Because SenderID and SPF have no anti-spam value, and almost no anti-forgery value. Not that this stops a *lot* of people who've drunk the kool-aid from trying to use them anyway,
OK, I'll bite--How exactly do you go about forging email from my domain name if the host receiving it is checking SPF?
It only stops forgery if the SPF record has a -all in it (as hubris.net does). However, a lot of domains (mine included) have a ~all instead. (And before anybody asks, yes ~all is what we want, and no you can't ask us to try -all instead, unless we're allowed to send you all the helpdesk calls about misconfigured migratory laptops".. ;)