On Mon, 23 May 2005 10:30:18 EDT, John Leslie said:
] 7. The Received-SPF header field
] It is RECOMMENDED that SMTP receivers record the result of SPF
] processing in the message headers. If an SMTP receiver chooses to do
] so, it SHOULD use the "Received-SPF" header defined here for each
] identity that was checked. This information is intended for the
] recipient. (Information intended for the sender is described in
] Section 6.2, Explanation.)
We may be able to dodge the bullet on this one, by suggesting that the results
of the SPF check be encoded in the Received: header in a manner analogous to
the current logging of STARTTLS. Given the issues listed in sections 9.3 through
9.5 of the draft, this *isn't* something that "most" hops will include - the
I'm replying to has 8 Received: headers, of which only 2 could possibly have a
sensible result to an SPF check....
We SHOULD discuss on this list whether such a header can be considered
a "trace field"; and I'd like to suggest that we do so in a context of
what "envelope information" means.
We should probably do this anyhow...
Unfortunately, we currently have vagueness about envelope.
By fixing this document as required....
Description: PGP signature