>> Google is telling all of their mail customers to add DMARC DNS records to >> block >> spoofing of their own domains
>before Google ist telling somebody something they should better learn >the difference between "~" and "-" in a SPF record to make gmail.com at >least on envelope-level spoofing protected >i high percentage of spam here would not only have been flagged but >outright rejected if they would do their own homework You must not understand why Google promotes the ~all over the -all. The problem is most people don't know all of the legit sources of email for their domain so it's dangerous to use -all if you aren't 100 percent sure that all of your senders are covered in your SPF record. For Google and myself, it's better to tell everyone to use ~all and SOFT FAIL the SPF check to put the message into the Spam folder than to have mail bounced. The ~all is also the best way currently to handle the forwarding problem mentioned by Alan Hodgson. SRS has it's own problems.
