Yesterday in one of the MARID sessions at IETF-60, it was decided that
we should change the version number on the SPF records.
I didn't raise any objections to this during the meeting because I
needed to think about it. Having thought about it over night, I think
that *just* changing the version number and abandoning the SPF1
records is a bad idea.
First off, I think people are underestimating the number of SPF
records that have already been published. Someone with a list of all
the .ch domains has started to go through them and see who has
published records. They added 20,000 domains to the SPF adoption roll
yesterday, and they are only up to 's'. After doing two surveys of
1.3 million email domains in the last 3 months, I have also found that
the adoption roll underestimates the number of published SPF records.
Instead of just changing the version number of the records and
ignoring SPF1 records, I think we should use SPF1 records unless SPF2
records have been published and I think SPF2 should have the scope
variable added as per the Unified-SPF I-Ds. Then, if domain owners
feel that they need different records when used with the PRA
algorithm, they can publish SPF2 records and use the scope variable to
make the required distinctions.
During the discussions of the Unified-SPF idea (which happened mostly
on the SPF lists, not here), there were also some discussions about
using a scope= modifier. Personally, I don't think it is as good of a
solution, but it is certainly a possibility.
For those who are interested in reading the discussions about the
scope= modifier instead of just reinventing the wheel, you can view
the discussions of the spf-discuss archives from June and July here:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200406/index.html
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200406/index.html
Basically search for the posts with the subject that have "unified" in
them.
-wayne