Regarding complaints that SPF is "too complex" ... I wonder if it would
help or hurt the cause to have some recommendations for a "minimal"
implementation of SPF. This might address concerns such as Eric Allman's
"must be doable in rules"...
Something like, "If the receiving mail system does not support certain
mechanisms, such as exists, include, redirect, or anything containing macro
expansions, the result should be "unknown" and processing should stop. For
example if the spf info for a domain is
v=spf1 +a +mx +exists:%{i}.%{s}.spf.domain.com -all
then processing would return "Pass" if the A or MX tests pass, and if the
client does not implement exists or the macro expansion, then processing
should return "unknown" and not continue on to the -all directive.
The absolute minimum for SPF compliance is support for a, mx, ptr, and
ip4/ip6 ranges. This should cover the published SPF info for most domains."
Personally, I think any SPF implementation that doesn't implement
everything in the draft will be found to be deficient and replaced with
something better, quickly. I think it's more about giving people options
and being able to say SPF is flexible enough to meet *everyone's* needs,
even if they choose not to use the whole thing... In other words I don't
expect many "incomplete" implementations, but I am floating this suggestion
so we might have something to answer those objections right now, even if we
believe the objection would have been (will be) resolved on its own some
better way later.
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡