Hi all,
I'd like to suggest that the current ABNF doesn't do a very good job at
limiting silly states, in particular about the relationship of propspecs
to methodspecs. What exactly does dkim=hardfail smtp.mailfrom mean? I'm
pretty sure that it's meaningless, but neither does the ABNF limit this,
nor does the current draft even discuss why you'd choose one of the
ptypes at all.
I think we should limit this to being what is appropriate based on the
method. From what I can tell, there's only exactly one appropriate ptype
for each method like for example dkim=result header.From=address; so my
stake in the ground here is that we should make that explicit. Even if
it turns out that more than one ptype is appropriate for a given method,
the ABNF should reflect that, and the discussion of each method should
give guidance on _why_ you would chose one ptype over another.
Here's a stab at an ABNF that implements this:
2.2. Formal Definition
Formally, the header field is specified as follows using [ABNF]:
[mat: i think that the trailing ; should be ok... not sure if
this is the right abnf to express that ]
header = "Authentication-Results:" [CFWS] authserv-id
[CFWS [version]]
*( ";" [CFWS] method 1( ";" ) CRLF )
authserv-id = dot-atom-text
; see below for a description of this element;
; "dot-atom-text" is defined in section 3.2.4 of [MAIL]
version = 1*DIGIT [CFWS]
; indicates which version of this specification is in use;
; this specification is version "1"; the absence of a version
; implies this version of the specification
method = dkim-method / domainkeys-method / ssp-method / spf-method
/ senderid-method / auth-method / iprev-method
; a method indicates which method's result is
; represented by "result", and is one of the methods
; explicitly defined as valid in this document
; or is an extension method as defined below
dkim-method = "dkim" [ [CFWS] "/" [CFWS] version ] . dkim-result .
ptype-dkim . [CFWS] . "=" . [CFWS] . value
domainkeys-method = "domainkeys" [ [CFWS] "/" [CFWS] version ] .
domainkeys-result .
ptype-domainkeys . [CFWS] . "=" . [CFWS] . value
ssp-method = "ssp" [ [CFWS] "/" [CFWS] version ] . ssp-result .
ptype-ssp . [CFWS] . "=" . [CFWS] . value
spf-method = "spf" [ [CFWS] "/" [CFWS] version ] . spf-result .
ptype-spf . [CFWS] . "=" . [CFWS] . value
senderid-method = "senderid" [ [CFWS] "/" [CFWS] version ] .
senderid-result .
ptype-senderid . [CFWS] . "=" . [CFWS] . value
auth-method = "auth" [ [CFWS] "/" [CFWS] version ] . auth-result .
ptype-auth . [CFWS] . "=" . [CFWS] . value
iprev-method = "iprev" [ [CFWS] "/" [CFWS] version ] . iprev-result .
ptype-iprev . [CFWS] . "=" . [CFWS] . value
dkim-result = "none" / "pass" / "fail" / "temperror"
domainkeys-result = dkim-result
spf-result = "pass" / "hardfail" / "neutral" / "temperror" /
"permerror"
senderid-result = spf-result
ssp-result = "pass" / "unknown" / "all-fail" / "discarable-fail" /
"nxdomain" / "temperror"
auth-result = "none" / "pass" / "hardfail" / "temperror"
iprev-result = "pass" / "hardfail" / "softfail" / "temperror" /
"permerror"
;; ptypes are of the form ptype.property and referred to
collectively as such
;; in the normative text below
ptype = ptype-smtp / ptype-dkim / ptype-domainkeys / ptype-spf /
ptype-senderid / ptype-iprev
; indicates whether the property being evaluated was
; a parameter to an [SMTP] command, or was a value taken
; from a message header field, or was some property of
; the message body, or some other property evaluated by
; the receiving MTA
[mat: there's an awful lot of CFWS here... is it really needed??]
ptype-smtp = "smtp" . [CFWS] "." [CFWS] . "auth"
ptype-dkim = "header" . [CFWS] . "." [CFWS] . "i"
ptype-domainkeys = "header" . [CFWS] . "." . "from" [mat: /
"header.sender" ?]
ptype-iprev = "policy" . [CFWS] . "." [CFWS] . "iprev"
ptype-senderid = "header" . [CFWS] . "." . [CFWS] .
senderid-pra-address
senderid-pra-address = "from" / "sender" / "resent-from" /
"resent-sender"
ptype-spf = "smtp" . [CFWS] . "." . [CFWS] ."mailfrom" / "smtp" .
[CFWS] . "." . [CFWS] . "helo"
Mike
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html