Spoofed From: Prevention

An anonymous reader writes "It looks like the next promising advance in the war on spam is here! Introducing SPF: Sender Permitted From. A draft RFC is still being written, but the idea is simple: we can prevent forged emails by having domain owners publish a list of IP addresses authorized to send mail from their domain. It's no silver bullet, but how much spam can we eliminate by preventing forged mail from spoofed domains? Maybe we really don't need anti-spam legislation after all? The SPF site is chock-full of juicy info for our reading enjoyment. Bon appetit!" Interestingly, the to-do list mentions the possibility of seeking a defensive patent on this scheme, too.

Dear Spammers,

[Letter]

Dear Spammers,

I have SPF 45. Your UV rays stand no chance against me.

Sincerely,
Letter

Verisign will assume they know better

[ziegast]

I can't wait to see this published by the GTLD servers:

*.com. IN TXT "spf=deny"
*.net. IN TXT "spf=deny"

-ez

What about...

[SharpFang]

adding obligatory header "x-spoofed-from" to email headers? Just like the new "evil bit" in TCP...