-----BEGIN PGP SIGNED MESSAGE-----
Alessandro Vesely wrote:
Julian Mehnle wrote:
I'd really like to avoid telling receivers what to do with "Fail".
I beg your pardon, but I don't understand this point. Besides that,
as you say, its very name tells what to do, the purpose of a spec
is to formally tell what to do, isn't it?
SPF, "Sender Policy Framework", is a standardized way to declare your mail
sending policies to receivers, i.e., through which hosts you send and
through which you don't send. The main aspect of the SPF spec is to
define how to construct these declarations and what they mean. What it
does NOT define is how receivers should react to those declarations and
to the results of evaluating them (with very few exceptions like "Neutral
must be treated exactly like None").
If you observe what e-mail receivers are doing in the wild, you'll quickly
notice that they frequently violate all kinds of RFCs because it turns
out better for them that way (some violations being reasonable, others
merely due to stupidity of course). So about two years ago, when we were
finalizing the SPF spec, we deliberately decided against requiring
receivers to react in specific ways. Choosing the best universal
behavior to put in the spec is very difficult, and many receivers are
going to ignore it anyway.
What would you think of a law that required you, whenever you encountered
a false banknote, to stop whatever you were doing and bring it to the
central bank AT ONCE? Lawmakers might have thought it would be a good
idea, but those subject to the law might often find themselves in a
completely different position.
Perhaps, you mean that telling receivers what to do after various
checks should be the subject of a separate rfc?
Some things are better left unspecified, best practice recommendations
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
-----END PGP SIGNATURE-----
Sender Policy Framework: http://www.openspf.org
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription:
Powered by Listbox: http://www.listbox.com