Douglas Otis wrote: > The "opt-out" of PRA is actually "opt-in" using the > "spf2.0/pra ?all" record. No, the PRA spec. claims that you "SHOULD" get PRA for a pure v=spf1 policy, and if you don't want PRA for whatever reasons you have to "opt-out" from PRA with a dummy spf2.0/pra policy. That's "opt-out" like the opt-out-doubleclick cookie, "don't- call-me" lists, and similar schemes. Of course the SPF spec. says that checking other mail identities (not limited to PRA) against v=spf1 without the prior and explicit consent of the v=spf1 publisher is NOT RECOMMENDED. > These concerns were expressed here: > http://www.imc.org/ietf-mxcomp/mail-archive/msg05502.html It's almost a year older and also known as "Olson objection". From my POV it was always obvious, I used a cute 2476 MSA with "enforced submission rights" (6.1) and a Sympa mailing list in 2004, and both would result in PRA FAIL for legit mail from me if checked against my v=spf1 policy (IIRC set up in May 2004). Bye, Frank _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf