[Top] [All Lists]

SPF I-D for review: draft-schlitt-spf-classic-01.txt

2005-05-20 13:12:42


There is a new I-D for the SPF email anti-forgery system available for
review.  This draft tries to document the current practices of the
~1,000,000[1] published SPF records and ~10,000[1] deployed SPF
systems that are checking 20-100million emails per day.


Discussions about this, and previous, drafts have been taking place on
the spf-discuss(_at_)v2(_dot_)listbox(_dot_)com mailing list.  To subscribe or 
the archives, see

While I have been reading this mailing list for many months and will
note any comments posted here, sending email to the spf-discuss list
or to me personally is probably better than flooding this list.

I realize that the whole subject of SPF (and similar systems) has a
certain amount of controversy to it, but for the purposes of this
draft, I am very reluctant to try debate these issues.  The goal is to
document a de-facto standard.  Debates about better techniques, why
SPF is evil, etc. are probably best discussed on things like the IRTF
ASRG list, SPAM-L, the NANAE newsgroup, or on spf-discuss on a
separate thread/subject.

While SPF mostly deals with the [2]821 SMTP level, there are some
[2]822 issues, in particular, the Received-SPF header.  To be quite
honest, this header has kind of been neglected and could use more
refinement than most other parts of the draft.  One thing I just
tracked down (after this I-D was already submitted) was that I don't
specify a CRLF at the end of the header.  Ooops.

My intention is that after a two week review, I will make a "final"
revised draft and ask the IESG to consider it for a Proposed Standard


[1] These numbers are estimates as of earlier this year.  They were
pretty solid back then, and have probably grown since.  I have data
to back them up and they are almost certainly underestimating the real