spf-discuss

Re: SV: Recursion limit of 20 include/redirects total

2004-05-12 06:15:50
On Tue, May 11, 2004 at 09:03:29AM -0500, wayne wrote:

quote from draft:
   If a loop is detected, or if more than 20 subqueries are triggered,
   an SPF client MAY abort the lookup and return the result "unknown".
Isn't this way too relaxed?

If you use SPF to protect the trust in your domain, it is important that
a small misconfiguration doesn't result in a lost SPF protection.

[...]

In other words, the draft should be changed to:

"If a loop is detected, or if more than 20 subqueries are triggered,
an SPF client should ignore further subqueries and proceed to
interpret the rest of the SPF record without the subqueries."

I disagree with this very strongly.  While everyone can have
differences of opinions here, I think that the vast majority of people
would rather have email delivered with an "unknown" SPF result rather
than having valid email rejected.  SPF is designed to be "fail-safe".

My intention is twofold:

1:  change MAY into MUST so as to become less vague
2:  prevent the bad guys from taking advantage of what I consider to be
    a weakness

That is, if something is wrong, things should fall back to the way it
would be if there was no SPF record published.

Should it?  If something is designed to be fail-safe, that could also
mean the exact opposite.  If you think of SPF as a means of expressing
this: "No mail should be delivered, unless specifically allowed" then
fail-safe would mean that things should default to "-all".



I think you are right in saying there can be different opinions on
this, I would like to know if you can support your claim about the
vast majority wanting to default to unknown.

cheers,
Alex
-- 
I ask you to respect any "Reply-To" and "Mail-Follow-Up" headers.  If
you reply to me off-list, you'd better tell me you're doing so.  If
you don't, and if I reply to the list, that's your problem, not mine.
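
The three behaviours debated in this message, side by side, as an added example that is not part of the original post or of any SPF implementation. It is a simplified evaluator (only `include`, exact-match `ip4` and `all`); the zone data, domain names and policy names are constructed for illustration.

```python
LIMIT = 20  # subquery limit quoted from the draft
QUAL = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed records (not real DNS data): n0..n24 form a chain of nested
# includes that is too deep; n25 is the record that authorizes the sender.
ZONE = {f"n{i}.example": f"v=spf1 include:n{i + 1}.example -all" for i in range(25)}
ZONE["n25.example"] = "v=spf1 ip4:192.0.2.10 -all"
ZONE["ok.example"] = "v=spf1 include:n25.example -all"
ZONE["deep.example"] = "v=spf1 include:n0.example ip4:192.0.2.10 -all"
ZONE["loop.example"] = "v=spf1 include:loop.example -all"


class LimitHit(Exception):
    """Raised when a loop or more than LIMIT subqueries is seen."""


def _eval(ip, domain, policy, state, path):
    for term in ZONE[domain].split()[1:]:
        qual = term[0] if term[0] in QUAL else "+"
        mech = term.lstrip("+-~?")
        if mech == "all" or (mech.startswith("ip4:") and mech[4:] == ip):
            return QUAL[qual]
        if mech.startswith("include:"):
            target = mech[len("include:"):]
            state["subqueries"] += 1
            if state["subqueries"] > LIMIT or target in path:
                if policy == "skip":   # proposal: ignore the subquery, go on
                    continue
                raise LimitHit(target)
            # include matches only when the included record yields "pass"
            if _eval(ip, target, policy, state, path | {target}) == "pass":
                return QUAL[qual]
    return "neutral"


def check_host(ip, domain, policy):
    """policy: 'unknown' = abort as the draft allows, 'skip' = proposed
    wording, 'fail' = treat the broken record like "-all"."""
    try:
        return _eval(ip, domain, policy, {"subqueries": 0}, {domain})
    except LimitHit:
        return "unknown" if policy == "unknown" else "fail"


def compare(ip, domain):
    return {p: check_host(ip, domain, p) for p in ("unknown", "skip", "fail")}
```

For `deep.example` the authorized address gets a different result under each policy, while an unauthorized address gets "unknown" under the draft's wording and "fail" under the other two.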