Good case made at link against using spf(Open Relaying by SRS wrapper, etc). Listing of alternatives, links to.
http://www.advogato.org/article/816.html
"Some people claim that SPF directly combats spam. It doesn't. SPF attempts to address forgery. In fact, a large amount of spam rates an SPF 'pass' result, because spammers have rapidly adopted SPF for themselves. You still need a blacklist or other kind of trust database, to tell you which domains are trustworthy and which are not. But we already have lots of blacklists; it's just that we list the IP address instead of the domain name, to tell you which hosts are trustworthy and which are not."
Open Relaying with an SRS wrapper--
"By rewriting the address of mail you're forwarding so that it appears to come from your own domain, you put your own reputation on the line"
"Any spamming host can do the SRS trick to 'take responsibility' for forwarded mail. If your ISP receives mail from the address I used in the above example -- '[EMAIL PROTECTED]' -- then they have no real way of telling whether it really did come from Bill Gates via my servers, or whether it's a fake. SPF would just accept the mail, depending on my domain's reputation in the trust database. It's all about how much you trust the one server which is offering the mail -- it's not an end-to-end authentication. So SPF is really not any better than blacklisting by IP address or HELO name"
"The original sender address is useful information, and can be lost if an intermediate host mangles the mail by using SRS. A sender address may be present in a blacklist, or may fail SMTP callouts. Yet an intermediate host 'takes responsibility' for the mail in question, causing it to be accepted anyway. Sender addresses are also used for mail filtering. The sender address is the most reliable method of filtering mailing list traffic into its own folder; using Cc: and/or To: headers has both false positives and false negatives, and using the List-Id: header has false positives too. Again, SRS mangles this information"
"By implementing SES or BATV, you can instantly stop accepting bounces to mail which you didn't send"
______
"MARID is dead(thanks to Microsoft trying to poison-pill linux/bsd)"
