What is far more likely is that spammer will find the lazy
administrators who set up an SPF record with '-all' and use those
domains exclusively to forge their return addresses. Of course, that in
itself will lead to sites using SPF to discount *any* record containing
'-all' so spammers will not be able to use this for very long.
I find this counter-intuitive. Please explain.
Doesn't -all mean the admin has done the work to positively identify all
the valid sources of email from his domain?
That was what I was going to ask. Unless you're suggesting they *only*
put in '-all'.
-- Bryan
