- SPF was not designed to be used this way. It is doubtful that anyone
has written anything that even remotely considered this option in use. You will likely have to write it yourself.
- SPF is still in RFC testing, so it is not yet a full internet
standard. And once it is, the standard still does not condone using it the way you intend. IOW, there is nothing in the standard that states you must have a SPF record to be a legit email domain. Basically, you'll have a broken mailserver. We are actually stuck with having to take ours off for the moment as one 'service' we use demands sending email from their mailservers using our email address and they still have no SPF record.
If you do this, most likely you will not get around 90% of the good email as SPF is not widely used as of yet. But I guess if you are only interested in receiving email from a few 'known' domains... it could work. Seems it would be easier to just blacklist all and whitelist the few? If it is just for internal... perhaps a webmail system with no outside email ability would be the way to go?
Dear Hilton. J
Thanks for your advice, i actually know this. what would you say about those who put there efforts to implement SPF. why they do it?
Thanks / Regards Prabh S. Mavi