As for the greeting card companies if SPF takes off they will wake up and change their delivery method. How else will they make their advertising buck?
Actually, the greeting card companies *should* already be doing this. The return address is used for bounce messages. If they are using the supposed E-mail address of the web site visitor, any bounces will go to the innocent victim whose E-mail address has been used. So they should use their own domain name in the return address. If this is the case, they automatically get an UNKNOWN instead of a FAIL (or a PASS if they add their own SPF record).
Meanwhile, if they keep the supposed address of the web site visitor in the From:/Sender:/Reply-To: headers, the recipient probably won't know the difference, and replies will be sent to the person who requested that the greeting card be sent.
-Scott
---
Declude JunkMail: The advanced anti-spam solution for IMail mailservers.
Declude Virus: Catches known viruses and is the leader in mailserver vulnerability detection.
Find out what you've been missing: Ask about our free 30-day evaluation.
--- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
--- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
