Lars Dybdahl wrote:
Please look closely at my example:
v=spf1 a:my.own.mail.server
include:some.rarely.used.mailsystem.of.one.of.my.friends -all
If this friend creates a loop in his setup, I would want the fallback to be
v=spf1 a:my.own.mail.server -all
Whereas you want it to be:
v=spf1 a:my.own.mail.server ?all
As SPF rolls out, I can see situations like this becoming very common.
How about this example, very similar to yours:
domain.a txt "v=spf1 a:mail.domain.a include:domain.b -all"
domain.b txt "v=spf1 a:mail.domain.b include:domain.a -all"
Which of these is wrong? Both, or neither?
The current draft spec. enforces loop detection but only specifies that it MAY
result in a return value of "unknown". I would have thought it more intuitive
for processing of an include: mechanism to simply be ignored if processing of
that record was already in progress.
This would allow the example above to be equivalent to:
domain.a txt "v=spf1 a:mail.domain.a a:mail.domain.b -all"
domain.b txt "v=spf1 a:mail.domain.b a:mail.domain.a -all"
which is surely what the authors of these records would have intended, rather
than:
domain.a txt "v=spf1 a:mail.domain.a a:mail.domain.b ?all"
domain.b txt "v=spf1 a:mail.domain.b a:mail.domain.a ?all"
which is what I think the spec. suggests.
Any thoughts?
Paul.