On Wednesday, August 18, 2004 at 11:30 PM "Harry Katz" wrote:
<snip>
- More importantly, this allow us to give much clearer directions to
senders in terms of what to publish. You publish the IP addresses of
servers authorized to send mail on behalf of your domain. We're not
trying to mix this up with the IP addresses of servers that receive
bounce messages on behalf of your domain.
<snip>
Harry,
There's a VERY important point here.
I presume that when you talk of "IP addresses of servers that receive
bounce messages on behalf of your domain" you are referring to the SPF records.
You and I seem to have a significantly different understanding of how SPF works.
In my understanding, a 'pass' result from a call of SPF's
check_host(IP, DOMAIN, SENDER)
function, with DOMAIN and SENDER derived from the MailFrom: address has the
following semantics:
"The domain DOMAIN authorises the host IP to *originate* messages whose
Mail-From address is SENDER".
SPF is not designating "servers that receive".
Just like Sender-ID it is designating servers which are authorised to send.
The semantic differences between the two authorities are actually very subtle,
and it is my understanding from discussions on the spf-discuss list that the
majority of sites could have identical records for both tests - which is why it
so galls many knowledgable observers that the IETF seems determined to proceed
with an approach which _forces_ two sets of usually-identical records to be
established and maintained.
This is not the time and place to explore the circumstances under which the
records would be different - it needs extensive, detailed UseCase analysis (and
for SPF to have been submitted to the IETF?).
Significant questions:
=============
Is it possible that, all along, there has been a fundamental misunderstanding
of SPF amongst the designers of Sender-ID?
If so (and these misunderstandings were corrected), is there an engineering
opportunity to work towards a sympathetic fusion of Sender-ID and SPF *at this
time*?
Yours optimistically,
Chris Haynes