Dotzero wrote:
After reviewing section 2.4.3 I think it should be split out
separately for SPF and Sender-ID. A pass for SPF does not mean the
same thing as a pass for SIDF. Conflating the two is a recipe for
problems. Mail From pass from SPF is totally different from PRA pass
from SIDF.
Well actually now I'm not sure why you think that. The spec doesn't say
a pass from one is the same as a pass from the other; you could
certainly have "spf=pass" and "sender-id=hardfail" in an A-R header or
pair of headers. The spec only says under what circumstances you would
use "pass" in each case. Both mechanism asks the same question: Was the
client authorized to send by domain's policy (however that got
evaluated)? And it seems to be both mechanisms are sufficiently similar
that they have overlapping answer sets. That's why I grouped them when
enumerating possible results.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html