It seems that everybody are looking for one stop shopping for spam prevention. The truth is there’s no such thing, nothing will ever effectively stops 100% of spam, period. This is what happens with SPF. A good number of mail admins are reluctant to implement SPF on their servers because they found out it doesn’t stop much spam as they expected it before. Of course it won’t stop much spam for now. But if almost all domains on the Internet implement it, the spam problem becomes much more manageable. I think SPF is the next right step after we hunt down open relays since several years ago. We knew that closing open relays will not stop spam, but we did it anyway. Why don’t we do the same to SPF?
The problem with Microsoft’s SenderID licensing is unfortunate. It is unlikely that SenderID will become an Internet standard unless Microsoft’s lawyers do something about it. However SenderID understands SPF syntax well, so whatever the outcome of this SenderID problem, every SPF and SenderID aware MTAs will obey SPF records.
Closing down open relays is easy, it is only an administrative task. Implementing SPF is much more troublesome because syntax and protocols must be agreed upon on all involved parties. And even the most troublesome of them, Microsoft, has agreed to support SPF records! There is never a better time to implement SPF other than now.
Domain owners! Please implement SPF now!