On Feb 17, 2004, at 10:11 PM, Meng Weng Wong wrote:
On Tue, Feb 17, 2004 at 10:06:56PM -0500, Theo Schlossnagle wrote:
| Assuming that you reject message on a soft-fail (~), you can toss
the
| connection out here.
Hey! Don't do that! :)
Agreed, bad example. But it brings up an interesting point... read on.
"fail" means reject, "softfail" means score as spam, save to spam
folder, etc.
Domain owners need to be able to transition from "neutral" through
"softfail" to "fail" at their discretion, and we should respect their
wishes.
I still believe that SPF _does not_ expose the wishes of the sending
domain. It exposes the _facts_ of the sending domain and acting on
those facts is based on the "wishes" of the receiver.
To store it only to delete it later is really up to a user -- depending
if they peruse their spambox before expunging it. There are plenty of
users out there that simply empty their spam boxes methodically without
ever reading the messages. From the ISP's perspective, there is no
good reason to "file it as spam" when a particular user say "toss it".
We approach this as a configuration issue. We allow the admin to:
1) give a code (250, 451, 550, etc.) (defaults to 250 for all by
"fail" which is 550)
2) a time cost (pause the session for this amount of time) (default 0)
3) an override for the domain provided explain (optional, default null)
4) an option fallback explanation (option, default null)
All four of these are configurable for each response (pass, nuetral,
softfail, fail)
Additionally it would be trivial to "hook in" user's preferences to
those so that the "attitude" of the mail server towards SPF facts is
the attitude of the user in the RCPT TO:, it would simply delay the
"execution" of the effect to the RCPT TO phase or later.
// Theo Schlossnagle
// Principal Engineer -- http://www.omniti.com/~jesus/
// Postal Engine -- http://www.postalengine.com/
// Ecelerity: fastest MTA on Earth