spf-discuss

Re: XML!! Lets bang square peg into round hole!!

2004-06-01 10:46:03
On Tue, 1 Jun 2004, Guillaume Filion wrote:

> I'm pretty sure that a couple of years from now, people will want to do more
> with SPF and will have trouble working with the existing syntax. They'll
> then reinvent the wheel by adding a lot of parentheses and curly quotes, and
> SPF records will start looking like:
>
> v=spf3 
> key{[gfk;info](_at_)logidac(_dot_)[net;com;org];gfk(_at_)gfk-palace(_dot_)org}=0x454FACD4
> mx -all

Anything like that is much better done using the 'exists' mechanism.

There is no reason to make mail recipients execute ever more capable
virtual machines with ever increasing possibility of exploits via nasty code
delivered via SPF - with or without XML - by spammers and viruses.

o Any information made available via any future syntax to a mail receiver
  is *already* available to the sender (and hence the DNS server for exists).

o Any information required from the mail receiver is requested by means
  of the defined macros for the exists mechanism.  The list of information 
  receivers must make available is deliberately limited.  Mail receivers do
  not want to give out arbitrary information to any spammer or virus
  that comes calling.

o If you're going to trust some crypto key delivered via DNS, you have
  just as much reason to trust a pass/fail decision made directly by the
  DNS server.

The potential extensions benefiting from XML all have to do with verifying
stuff in the DATA portion.  There is no reason to clutter up SPF by
extending it to handle the DATA portion as well (beyond the RFROM/reverse path
extension which moves some additional info to before the DATA phase).

Why not use the existing XML framework for the after DATA phase, and the
existing clean and efficient SPF framework for the before DATA phase?
That way, mail senders could opt to publish one or both, and mail
receivers could opt to verify one or both.

I *hate* the idea of requiring mail receivers to support both just so that
mail senders can pick one or the other.  It is truly the worst of both
worlds.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
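
The following is an added example, not part of the original message or of any SPF implementation: a small expander for the macros an 'exists' mechanism can carry, showing that the receiver only builds a DNS name from a fixed set of values and lets the sender's DNS server make the pass/fail decision. The macro syntax follows RFC 7208 section 7, which postdates this post; the addresses, the zone contents and the function names are constructed for illustration, and the `p` macro and IPv6 are left out.

```python
import re

# Macro syntax follows RFC 7208 section 7: %{letter[digits][r][delimiters]}
_MACRO = re.compile(r"%\{([slodihv])((?:[1-9]\d*)?)(r?)([.\-+,/_=]*)\}|%([%_\-])")
_LITERAL = {"%": "%", "_": " ", "-": "%20"}

def expand(spec, ip, sender, helo, domain):
    """Expand SPF macros in a domain-spec (IPv4 only; the 'p' macro is omitted)."""
    local, _, sender_domain = sender.rpartition("@")
    values = {"s": sender, "l": local or "postmaster", "o": sender_domain,
              "d": domain, "i": ip, "h": helo, "v": "in-addr"}
    if "%" in _MACRO.sub("", spec):
        raise ValueError("unsupported or malformed macro in %r" % spec)

    def repl(m):
        if m.group(5):                      # %%, %_ and %- are literals
            return _LITERAL[m.group(5)]
        letter, digits, rev, delims = m.group(1, 2, 3, 4)
        parts = re.split("[" + re.escape(delims or ".") + "]", values[letter])
        if rev:
            parts.reverse()
        if digits:                          # keep only the right-most N labels
            parts = parts[-int(digits):]
        return ".".join(parts)

    return _MACRO.sub(repl, spec)

def disclosed(spec):
    """Macro letters in spec: everything the receiver reveals by querying."""
    return sorted({m.group(1) for m in _MACRO.finditer(spec) if m.group(1)})

def exists_passes(spec, zone, **conn):
    """'exists' matches when the expanded name resolves to any A record."""
    return expand(spec, **conn) in zone

# Constructed sample data: one connection and the sender's published names.
CONN = dict(ip="192.0.2.3", sender="gfk@example.org",
            helo="mail.example.org", domain="example.org")
ZONE = {"3.2.0.192.gfk._spf.example.org"}   # stands in for the sender's DNS
SPEC = "%{ir}.%{l}._spf.%{d}"

if __name__ == "__main__":
    print(expand(SPEC, **CONN), disclosed(SPEC), exists_passes(SPEC, ZONE, **CONN))
```

The receiver never interprets anything richer than the macro string; any per-user or per-address policy lives in the names the sender chooses to publish.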