[Asrg] Receiver Initiated Authentication

[Chris Lewis]

SM wrote:

> I suggest that you don't underestimate the technical prowless of spammers.

Freudian slip? ;-)

I can't help thinking that spammers will have a field day spamming 
themselves with forged, say, @hotmail.com, doing the captchas to 
"approve" bogus IPs, and then firehosing the world with what would now 
verify.  The Nigerian 419 hordes would have fun.

Frankly, also, much as I'm not fond of SPF, I'd object to having our SPF 
policy subverted to lend additional credibility to entities that aren't 
under _our_ control.