Re: return of SOFTFAIL
2004-01-27 19:09:46
I do think the softfail is a better thing to have than merely the
unknown, and fail. I'm pretty sure of my mailing habits, but wanted to
make sure. However, Unknown means that you really just messed up the
record, in the end. I think it's effectively equivalent to not having
the SPF header, in some ways.
What *would* be nice is some way for the domain controller to tell how
much email from their domain is softfailing. I don't think it's
possible, but maybe a message to the user saying the mail went through,
but that their SysAdmins where not happy with their SMTP server choice.
Is it possible with the patches to do a soft bounce, similar to the
message when you can't reach a machine for 4 hrs? I think that might
be the only way to get the info back to the sysadmins.
Obviously the recieving party will have the data of the softfaill. How
do we get it back to the domain owners? Would a soft bounce to the
original email get the user to talk to the SA?
Ideally, we might be able to get the softbounce to generate a message
to a standard email address at each site, like spfbounce(_at_)example(_dot_)com,
if you use the soft fail. You can choose not to get the emails by not
using the ~. If you use +,?, or -, you get no email.
~ should get us the statistics, and more importantly the headers of the
SMTP servers that are users are using.
(AOL might not do it, but it might be useful to some of the rest of us,
to test the whole system out. Getting AOL would be amazing :-)
So, who has comments for the neophyte on SPF? I've been hearing about
SPF since LISA (SAGE). It's nice to see it really taking off. Does
any of what I've said really make sense?
Matthew
--------------------------------
Matthew Barr
mbarr(_at_)datalyte(_dot_)com
Managing Partner
Datalyte Consulting, LLC.
(646) 765-6878 (cell)
On Jan 27, 2004, at 8:11 PM, Meng Weng Wong wrote:
On Wed, Jan 28, 2004 at 12:47:56AM +0000, Dan Boresjo wrote:
| On Tuesday 27 January 2004 11:07 pm, Meng Weng Wong wrote:
| > I'm going to bring back "softfail" so people don't have to choose
| > between "?" and "-" --- "~" will be a happy medium.
|
| As the spec is supposed to be frozen, I hope you are referring to
SPF2?
No, I'm afraid this is a change for spfv1. It's a very minor change
though with very big results. I want to put SOFTFAIL back in for the
following reasons:
1) I took it out too hastily when Eric Allman questioned its value.
2) If we put it back in, people won't have to choose between "unknown"
and "fail".
3) AOL will be able to change their record to ~all.
4) We'll then be able to gather much better statistics on expected
false
positives and so on.
5) It lets domains smoothly switch from ? to - by stopping at ~ along
the way.
6) Wayne talked me into it.
SOFTFAIL means a receiver MTA should still accept the message, but
apply
a higher level of skepticism or a higher transaction cost: it should
content-filter it more strongly or (in a universe where hashcash is
available) the receiver MTA could ask the sender to compute some sort
of
hashcash.
This change will be backward compatible to all existing published
domains.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki:
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
HomePage
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki:
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/HomePage
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: Mechanism usage in live SPF records, (continued)
- Re: Mechanism usage in live SPF records, Thomas Harold
- Re: Mechanism usage in live SPF records, Meng Weng Wong
- Re: Mechanism usage in live SPF records, Guillaume Filion
- Re: Mechanism usage in live SPF records, Dan Boresjo
- return of SOFTFAIL, Meng Weng Wong
- Re: return of SOFTFAIL,
Matthew Barr <=
- Re: return of SOFTFAIL, Meng Weng Wong
- Re: return of SOFTFAIL, wayne
- SPF spec is frozen, but I don't think it has been finalized, wayne
- Re: SPF spec is frozen, but I don't think it has been finalized, Phil Howard
- Re: SPF spec is frozen, but I don't think it has been finalized, Mark
- Re: Mechanism usage in live SPF records, Wechsler
- Re: Mechanism usage in live SPF records, Dan Boresjo
RE: Mechanism usage in live SPF records, Hallam-Baker, Phillip
RE: Mechanism usage in live SPF records, Hallam-Baker, Phillip
|
|
|