ietf-mxcomp

Re: A 30% solution

2004-05-11 19:48:43

In <p0610111abcc69c55cf5f(_at_)[216(_dot_)43(_dot_)25(_dot_)67]> Pete Resnick 
<presnick(_at_)qualcomm(_dot_)com> writes:

       And do note that this is a straw man; it is something at which
to throw the tomatoes, not anything I consider "done".

Understood.  In the last jabber session I suggested using SPF or DMP
as something to use so that we could all be on the same page about
what exactly is meant by "semantics" vs "data" vs "identities", etc.
This will serve just as well.


First a word about "sets" vs "lists".

SPF has been given as an example of a "list", but really, it describes
sets.  There is no ordering among IP addresses in the sets that SPF
creates with its mechanisms.  There *is* ordering among mechanisms
when creating lists, but this is no different than using parentheses
or operator precedence in a set notation.


From that domain. The MARID records will contain entries that (when
fully resolved) will give the receiver two sets of IP addresses,

Two points:

1) SPF creates a set for "DNS errors" to deal with situations when
   something can not be fully resolved due to a temporary name server
   problem.  I think this is an important set and should be kept.
   
2) You actually describe three sets.  The third being the set of
   IP addresses that are not known to be legitimate or illegitimate.

* The records
   
Would you envision the "MARID records" to be a RR set, or single RR
from the DNS point of view, but containing multiple "MARID records"?

This is not just a syntactical issue.  You can't depend on the order
of the records in a RR set, and that leads into the next questions.

What happens if an IP address is in more than one set?  Would a MARID
client need to process all MARID records in order to determine the
outcome, or can you short-circuit the checks?

The ability to short-circuit the evaluation of C expressions is useful
for not just speed, but also to prevent the evaluation of stuff when
it wouldn't be appropriate.

One of the things that SPF's short-circuit evaluation method allows is
for a tracking mechanism, such as exists:CL.%{i}.FR.%{s}.HE.%{h}.spf.%{d}.
As Margaret Olson and others have pointed out several times, for many
organizations, just the task of figuring out all the legitimate IP
addresses can be a huge job.  By adding a tracking mechanism near the
end of the SPF record, you can analyze and debug your email
environment.  DMP can also allow for a more limited support for this
debugging.

For what it is worth, I regularly use this trace information and SPF
would be far less practical to use today if it didn't exist.


Can we add this kind of tracing/debugging tool to a pure set notation
system? 


That's the quick and dirty proposal. Fire away!

Ha!

I noticed you didn't say "fire at will" like Harry Katz did.  We
really need to get someone named Will in this group.  ;->


-wayne
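
The following is an added example, not part of the original message or of any SPF implementation: a minimal left-to-right evaluator showing how the exists: tracking mechanism quoted above interacts with short-circuit evaluation. The record, addresses, domain names and the stubbed DNS (a set of names that exist) are constructed assumptions, and only the four macro letters used in the message are expanded.

```python
import ipaddress
import re

MACRO = re.compile(r"%\{([ishd])\}")
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed record: known senders first, tracking mechanism near the end.
RECORD = "v=spf1 ip4:192.0.2.0/24 exists:CL.%{i}.FR.%{s}.HE.%{h}.spf.%{d} -all"

# Constructed SMTP contexts: i = client IP, s = sender, h = HELO, d = domain.
KNOWN = {"i": "192.0.2.10", "s": "alice@example.com",
         "h": "mail.example.com", "d": "example.com"}
UNKNOWN = {"i": "198.51.100.7", "s": "alice@example.com",
           "h": "mx.example.net", "d": "example.com"}


def expand(template, ctx):
    """Substitute %{i}, %{s}, %{h}, %{d}; macro transformers are not handled."""
    return MACRO.sub(lambda m: ctx[m.group(1)], template)


def check(record, ctx, existing_names=frozenset(), short_circuit=True):
    """Return (result, dns_queries). short_circuit=False models a client
    that resolves every term before deciding, as an unordered set might."""
    ip = ipaddress.ip_address(ctx["i"])
    queries, outcome = [], None
    for term in record.split()[1:]:              # skip the "v=spf1" tag
        qualifier, mech = (term[0], term[1:]) if term[0] in RESULTS else ("+", term)
        if mech.startswith("ip4:"):
            matched = ip in ipaddress.ip_network(mech[4:])
        elif mech.startswith("exists:"):
            name = expand(mech[7:], ctx)
            queries.append(name)                 # seen by the domain's name server
            matched = name in existing_names     # stub for an A-record lookup
        elif mech == "all":
            matched = True
        else:
            raise ValueError("mechanism not covered by this example: " + mech)
        if matched and outcome is None:
            outcome = RESULTS[qualifier]
            if short_circuit:
                break
    return outcome or "neutral", queries


if __name__ == "__main__":
    for label, ctx in (("known", KNOWN), ("unknown", UNKNOWN)):
        print(label, check(RECORD, ctx))
    print("known, no short-circuit", check(RECORD, KNOWN, short_circuit=False))
```

With short-circuiting, the tracking name is only looked up for clients that no earlier mechanism matched, so the name server's query log lists exactly the unaccounted-for sources.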