I finally got around to reading the current draft and have some minor
comments that focus on compaction. From what I can tell effort is being
made to pack a lot of info into small amount of space (512 bytes). My
suggestions take this view in addition to looking at how I would like to
parse it as a programmer:
a) Conerning "v=spf1". Start the record directly with the type/version
tag "spf1". In other words drop the v= prefix. Since all information is
process ed left to right and we know the version must start the record,
why do you need to point it out with "v="? If you were doing an xmlish
style attribute list where they can appear in any order I might
understand, but I thinks its pretty clear.
v=spf1 ?all
becomes
spf1 ?all
b) The default result. Why bother with an "all" mechanism, when the
default result could be specified as part of the version tag:
spf1 ?all
becomes
?spf1
c) Concerning "exp=". This is appears to be more default supplemental
infomation in the case of failure. Could this be merged with the version
and default result? For example:
v=spf1 mx -all exp=explain._spf.%{d}
becomes
-spf1=explain._spf.%{d} mx
Hmm. On second thought I don't see the need for "exp=" modifier now nor
would I implement it (drop MUST requirement for "exp"). An SPF client
implementation should be left to report its own interpretation of a
failure to the sender or use predefined messages specified by the SPF
specification. This avoid further TXT lookups. Also these messages
probably appear in mail logs and so would be useful to statistics
gathering software if they were standardised either by the
implementation or the specification.
d) The Received-SPF header. Drop this header and have this infomation
folded into the regular Received header, which already allows for
arbitrary name/value pairs in the name-val-list and comments. The added
advantage to this is that it can be seen which servers support SPF.
Received: from wks.ch (lsne-dhcp-5-51.urbanet.ch [195.202.205.51])
by pop.snert.net spf pass (extra commentary) id hB48F1b9014462
for <achowe(_at_)snert(_dot_)com>; Thu, 4 Dec 2003 09:15:03 +0100
If you feel that a Received-SPF is really necessary then include trace
information such as server name, ip, and timestamp so that multiple
instances of this header can be followed:
Received-SPF: error by pop.snert.net [193.41.72.72];
Thu, 04 Dec 2003 09:15:01 +0100
--
Anthony C Howe +33 6 11 89 73 78
http://www.snert.com/ ICQ: 7116561 AIM: Sir Wumpus
"...simplicity is a goal of good design,
it is never the starting point." - Dan Geer
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡