In email servers, even if they have SPF check configured, DMARC DNS record can override it (if DMARC DNS record is not set or if the field p value in DMARC DNS record value is "none", nothing will happen by the email server even if the SPF check will fail), it means that any domain owner can allow (using the DMARC DNS record) for any email address of his domain to be spoofed by any attacker in the internet, to my opinion the user needs to be fully protected in his email client due to it and also to check regarding SPF in his email client (and not to rely on the email server which is relying on DMARC DNS record which is set by the domain owner).

From: members-discuss <members-discuss-bounces@ripe.net> on behalf of Frederic Vagner <haisoft@haisoft.net>
Sent: Sunday, April 26, 2020 7:31 PM
To: members-discuss@ripe.net <members-discuss@ripe.net>
Subject: Re: [members-discuss] Technical Solution to resolve the global "Email Spam" problem

Hello,

I'm not sure if you are aware but SPF is doing something similar but a
lot easier to setup : it tells all the servers to accept or deny an
email depending on the server sending it. Unfortunately for SPF, just
like your system, everyone is not using it. If every domain was using
SFP properly, all webservers could simply block emails sent through
unauthorized servers and that'd be it ! But people are just not
concerned enough to setup SPF on all their domains and domains without
SPF setup properly or just not setup are the ones used to send spam and
succeeding ...
So sad ...

Have a nice day !
(and I'm not sure this mailing list is here to discuss enhancement to
The Internet, there are other places to better do that, I'm sure)

Frederic Vagner
HaiSoft

_______________________________________________
members-discuss mailing list
members-discuss@ripe.net
https://lists.ripe.net/mailman/listinfo/members-discuss
Unsubscribe: https://lists.ripe.net/mailman/options/members-discuss/elad%40netstyle.io