OT: What is "SPF" ?

[Tom Anderson]

From: "Matthias Andree" <matthias.andree at gmx.de>
> SPF has _massive_ impact on how mail can be sent, and break both regular
> mail forwards as well as injection through a friend's mail server.

I don't believe this is true.  SPF is just an improvement to DNS to allow
people to do what they wanted to do with MX.  That is, discover authorized
MTAs.  However, whereas MX identifies the receiving mail server for the
domain, SPF identifies authorized sending servers for the domain.  The
former is unique while the latter is indefinite.  I don't see how this
breaks "regular mail forwards", and preventing "injection" from an
unauthorized server is the entire point.  If I've read correctly, SPF allows
the admin to determine the default action which remote receiving MTAs should
take, either to accept or fail depending on the domain admin's SPF record.
The default is to accept no matter what.  Only the domain admin can specify
that if a sender is not in the SPF to fail the transaction.  None of your
email should be affected unless you specify in your DNS to fail by default
and do not set up your own sending MTAs.

> It is also "illogical" from the traditional post, which doesn't care
> into which postbox you drop or in which post office you send your mail.

This would seem to be a failing in the "traditional post", not a reason to
oppose SPF.  Clearly it would have been a good thing to know who sent
anthrax to Congress.  People need to be held responsible for things that
they cause to be delivered to others, whether physically or electronically.

Tom