Neil, to your question about mitigating false SPF PASS:
There are three possible mitigations by senders:
- Drop the SPF policy so that messages evaluate to SPF None. A few
domains do this.
- Change the SPF Policy to return SPF Neutral for cloud services, as
currently proposed.
-
> On Mar 4, 2024, at 11:07 PM, Chuhan Wang wrote:
>
>
> Hi Douglas,
>
> Thank you for your insightful summary of our paper. I'd like to share some of
> my opinions.
>
> You mentioned clients lose control of their SPF integrity. It's one of the
> key problems exactly. Clients host their
Hi Douglas,
Thank you for your insightful summary of our paper. I'd like to share some of
my opinions.
You mentioned clients lose control of their SPF integrity. It's one of the key
problems exactly. Clients host their email services on email providers. They
are required to include email
