The problem we face is that some people we work with can't do that
Then explain that client-side (their users, to whom they send mail) are probably using Hotmail, et.al. and SPF will simply not allow "spoofing" which is what they want to do, unless they either : A) add the SPF record as previously mentioned. It's a TXT record under their root and isn't hard at all. B) permit you to use a subdomain (like "user@theircompanymail.yourdomain.com"). A variant of (B) would be to ask them if you can register "theircompanymail.[com|net|..]" and send from that with proper SPF records. Most people won't notice the difference. We run into this all the time (a .edu) where users decide they want to use Yahoo for their email (we let them do that) .. but then configure their @edu address as the FROM and wonder why nobody gets their email. (we have to constantly explain how "NO, we won't add Yahoo's mail servers to our SPF record") Personally, I think SPF is a major PITA operations-wise .. but if you've ever had to fill out the form to get un-blacklisted at Yahoo/AOL, that's one of the first things they ask .. "do you have a spfv1 record defined?". As an aside, allowing your customers to forward @yourdomain to @otherdomain .. is a good way to get your own MXs blacklisted (this happens to us about once a month, then the "free whatever" adds blast our @edu addresses and a third of them go off to Yahoo .. our spam filters catch most of it, but then they miss a batch, we always have problems because of the forwards.) Regards, Michael Holstein Cleveland State University