[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of Radu
Sent: Monday, 28 February 2005 23:07
Subject: Re: [spf-discuss] Re: Email Forwarder's Protocol ( EFP )
> This "fail == reject" is a matter of local policy.
Yes, it is. It just keeps striking me as odd that pobox, supposedly a
'live' showcase for SPF, apparently does not take SPF results too
seriously. Suffice to say I would not have done that. I mean, if your
grandma baked you cookies, but did not dare to take one herself, would you
not frown a bit? :) Not a big deal, really; just thought I'd mention
> I thought SPF's mission is just to tell if the message is
> authentic or not, but not suggest any disposition, be it
> to accept or to reject.
Well, as I said elsewhere, there is, of course, an "implicit"
recommendation associated with 'fail' that is hard to ignore. That is why
I, personally, lean towards looking at this in terms of "sender policy"
(after all, we call it Sender Policy Framework, no?). But really a cogent
case can be made for the exact opposite position, if you argue, like the
folks of SA do, for instance, that it is not SPF which makes the decision
for you, but you yourself. Clearly true as well.
I am really not too invested in either position, though; "My MTA, my
rules" remains a truism beating all. :)
> In this case,
> pobox.com should have consulted with the final recipient to
> see if it is willing to accept a message with failing SPF check.
> In any case, a definitive answer cannot be given until after
> RCPT TO: ...
> We don't currently have a mechanism for this as far as I know.
Since SPF and SRS are essentially SMTP Service Extensions, I once
suggested two RFC1869 4.3 compliant SMTP Service Extensions, like:
<<< 250-X-SRS 0
The second one says: "I do SRS0, but I am no SRS1 forwarding host." A
forwarder, like pobox, for instance, might respond:
<<< 250-X-SRS 0 1
Indicating they do both SRS 0 + 1. Similarly, one could say something
<<< 250-X-SPF s
Where 's' is a 'strict' flag. Then a forwarder could abort when
the 's' flag was set and the forwarder himself attempted to
relay a 'failed' message. You get the idea.
I actually had these two extensions compiled in, once, in an earlier
sendmail; but I forgot them the last round. Why, it was kinda silly, too,
what with no one else supporting them yet. :) But with flags like these, a
forwarder could decide as soon as after EHLO.
System Administrator Asarian-host.org
"If you were supposed to understand it,
we wouldn't call it code." - FedEx
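
The following is an added example, not part of the original message and not code from the poster's sendmail build: a sketch of how a forwarder could read the proposed `X-SRS` and `X-SPF` keywords from a next hop's EHLO reply and decide, before sending MAIL FROM, whether to relay a message that failed SPF. The keywords are the poster's experimental proposal; the host names, sample replies and function names are constructed for illustration.

```python
# Added illustration. X-SRS and X-SPF are the experimental EHLO keywords
# proposed in the message above, not standardized SMTP extensions.

def parse_ehlo(reply):
    """Parse a multiline 250 EHLO reply into {KEYWORD: [params]} (RFC 1869, 4.3)."""
    extensions = {}
    lines = [ln for ln in reply.splitlines() if ln.strip()]
    if not lines:
        raise ValueError("empty EHLO reply")
    for index, line in enumerate(lines):
        code, sep, text = line[:3], line[3:4], line[4:]
        if code != "250" or sep not in ("-", " "):
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        # "250-" marks a continuation line, "250 " the final line.
        if (sep == " ") != (index == len(lines) - 1):
            raise ValueError("malformed continuation in EHLO reply")
        if index == 0:
            continue  # first line is the greeting, not an extension keyword
        keyword, *params = text.split()
        extensions[keyword.upper()] = params
    return extensions


def forwarder_decision(ehlo_reply, spf_result):
    """Decide right after EHLO whether to relay, as the message suggests."""
    extensions = parse_ehlo(ehlo_reply)
    strict = "s" in (p.lower() for p in extensions.get("X-SPF", []))
    if strict and spf_result.lower() == "fail":
        return "abort"  # next hop is strict: do not relay a failed message
    return "relay"      # no strict flag advertised, or the SPF check did not fail


# Constructed sample replies (hypothetical hosts).
STRICT_HOP = "250-mx.example.net Hello\r\n250-8BITMIME\r\n250-X-SRS 0\r\n250 X-SPF s\r\n"
FORWARDER_HOP = "250-fwd.example.org Hello\r\n250-X-SRS 0 1\r\n250 SIZE 10240000\r\n"

if __name__ == "__main__":
    for name, reply in (("strict", STRICT_HOP), ("forwarder", FORWARDER_HOP)):
        print(name, parse_ehlo(reply), forwarder_decision(reply, "fail"))
```

A next hop that does not advertise `X-SPF` is treated here as non-strict, which is an assumption of this sketch; the message does not say what a forwarder should do when the keyword is absent.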