Meng Weng Wong [mengwong(_at_)dumbo(_dot_)pobox(_dot_)com] wrote:
On Thu, Jan 29, 2004 at 06:55:39PM -0600, wayne wrote:
+domainkeys:_params accredit=class3.verisign.com
And how are you proposing that all implementations of SPF know how to
use this new mechanism "domainkeys"? Why not just use a modifier that
can be safely ignored?
He's not proposing that; he's proposing that in the future, if DK comes
out, sites that wish to support it can tell that a sender domain uses
it.
Sites that don't wish to support it will return an "unknown" and
proceed with spamfiltering.
The use of undefined mechanisms should be explicitly discouraged, i.e.
forbidden in a technical sense. If Joe Average starts publishing SPF records
with undefined mechanisms (potentially useful, as Joe thinks), more and more
SPF checks will return "unknown", and SPF will grow increasingly useless. This
might undermine the global value of SPF.
DomainKeys, the best that I can tell, is brain dead. I don't want to
see it anywhere near SPF.
Whether it's good or bad isn't the point; it's whether we can support
arbitrary future authentication mechanisms.
We could support undefined syntax, but we shouldn't try to support undefined
semantics, e.g. by guessing it.
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.5.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)���v¼����ߴ���1I��-�F�qx(_dot_)com