spf-discuss

Re: Summary: Current state of SPF

2004-01-29 09:50:35
Alex van den Bogaerdt wrote:

On Thu, Jan 29, 2004 at 03:54:23PM +0000, Wechsler wrote:


Extensibility:

* http://spf.pobox.com/mechanisms.html states that third party mechanisms and modifiers are permitted.

* Unknown mechanisms will cause 'unknown' results IF the parsing of an SPF record gets that far without reaching a result.
This is a defined and accepted behaviour of the specification.


Maybe it's just me misinterpreting this.  I read it as:

If I reach an extension that is not implemented by me
then the end result is an 'unknown'.

To me, an unknown is the same as "?all" or an absent record.

Yes but "v=spf1 a/24 mx ?all" is not the same as "v=spf1 ?all". The A and MX rules in the examples give me a chance to get a + before I hit the PGP.


Then I read the following:


* 'PGP' and 'Habeas' are proposed as mechanisms (but have undefined syntax as yet). Therefore we can imagine an example of:

v=spf1 +a/24 +mx +pgp -all


and I interpret this as:

Is_the_mail_coming_from_the_/24 ? return accept : continue_parsing
Is_the_mail_coming_from_the_MX  ? return accept : continue_parsing
Unknown_mechanism -> return unknown

All correct. Most of his valid mail will never reach the 'PGP' though.

then when I read this:


In the normal case, mail will be sent from the home /24 subnet or the home mailserver (perhaps via SMTP auth). The domain owner undertakes to sign mail sent from any other location with a PGP signature. The default is -all as we assume that this example takes place in the happy shiny future when SRS is implemented widely.


I think: default is "-all"?  Not for me, because I return "unknown".

OK *intended* default is -all, but the record creator is happy for those not implementing PGP to use a "fallback default" of ?all - but an intelligent, non-pgp-aware parser might stick the header:
SPF-Require-extension: PGP
in the message as it passes through.

I see that as the smoothest possible way to implement extension mechanisms, with a tolerable tradeoff between getting the exact desired result on one hand and completely abandoning the parse attempt before starting it on the other.

Of course this all depends on whether Wayne's right about the discrepancy between the website and the RFC :/
        
        Wechsler

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
Wiki: 
http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/HomePage
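The left-to-right evaluation discussed in this message, as an added example that is not part of the original post or of any SPF implementation: a minimal Python sketch that handles only bare `a`, `mx` and `all`, using constructed DNS answers for the placeholder domain example.org. The `SPF-Require-extension` header is the one suggested in the message above, not a standardized header, and returning neutral when nothing matches is an assumption of this sketch.

```python
import ipaddress

# Constructed DNS answers for the placeholder domain example.org.
DNS = {"a": {"example.org": ["192.0.2.10"]},
       "mx": {"example.org": ["198.51.100.25"]}}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_spf(record, client_ip, domain):
    """Evaluate left to right; return (result, unknown mechanism or None)."""
    ip = ipaddress.ip_address(client_ip)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none", None
    for term in terms[1:]:
        if "=" in term:
            continue  # simplification: modifiers are skipped in this sketch
        qualifier, mech = "+", term
        if term[0] in QUALIFIERS:
            qualifier, mech = term[0], term[1:]
        name, _, prefix = mech.partition("/")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier], None
        if name in DNS:
            hosts = DNS[name].get(domain, [])
            nets = (ipaddress.ip_network(f"{h}/{prefix or 32}", strict=False)
                    for h in hosts)
            if any(ip in net for net in nets):
                return QUALIFIERS[qualifier], None
            continue  # no match: keep parsing
        # Mechanism this parser does not implement: stop with 'unknown',
        # so a later -all is never applied.
        return "unknown", name
    return "neutral", None  # assumption: nothing matched and no 'all' term

def trace_headers(record, client_ip, domain):
    """Headers a parser without the extension might add, per the post."""
    result, ext = check_spf(record, client_ip, domain)
    headers = [f"Received-SPF: {result}"]
    if ext:
        headers.append(f"SPF-Require-extension: {ext.upper()}")
    return headers
```

With `v=spf1 +a/24 +mx +pgp -all`, a sender inside the /24 or on the MX gets a pass before `pgp` is ever reached, while any other address ends in unknown rather than the intended `-all` fail.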

