Hi !!
> But, it is potentially useful for whitelisting. If there are domains
> that you trust, then SPF can be used to determine whether the email is
> coming from their approved IP addresses. If they are, then you may be
> able to accept the email without spam filtering. For example, I'd be
> happy to accept mail without spam filtering from educational domains
> (*.ac.uk, *.edu) when I'm sure that the email is coming from an
> institutional server.
spf pass is not a guarantee that any mail comming from 'pass' ip's
is not spam, in fact mail comming from that ip's could also be sent
by user applications that can forge other's users domains and email
addresses (like weak cgi applications).
> SPF may not be ideal for it's intended purpose, but that doesn't mean
> that it has no useful applications. Where your article says "If you use
> SPF, you will be causing genuine email to be rejected." instead you
> should say "If you use SPF _to_reject_email_, you will be causing
> genuine email to be rejected."
appart from sintactical corrections, this is certainly false, if you
reject on spf 'fail' you are exactly doing what the onwer of that
domain wants, in other words publishing spf records tells other people
which email is genuine and which one is not. The real error is not
rejecting on spf fail, is publishing -all records without knowing
what are the consecuences of this. If you want your email to survive
when it's forawrded the you should not publish -all records. In the
other hand, there are many situations where publishing -all is
very useful.
--
Best regards ...
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@???
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------