Bret Miller said: > Yes, you should. But what happens if my almost-informed user decides to > do it the old way? Do you blacklist my domain because a user decided to > do things wrong?
I'm not sure how things could come to such a state - using SPF does not "blacklist domains", but rather penalizes a message purporting to be from a certain domain which has stated what their mail servers are, but is not being sent from one of those mail servers. If used up front, in e.g. postfix, a failed SPF check results in a bounce, but in SA it could be used to augment the calculated spamminess of a given message, which is a little more flexible. e
