Michael / David,
Michel Py wrote:
Consider the following strategy:
1. Encourage everyone to publish -all. Now.
2. Discourage everyone to reject on -all until SRS/DAVE happens.
David McNett wrote:
I dislike this plan because it steals my ability to use -all.
I have no forwarding concerns for my domains and I *want*
people to be treating my SPF records as gospel. Without an
-all-i-really-mean-it option, SPF is crippled for people who
don't have concerns over forwarding/SRS issues.
Michael R. Brumm wrote:
I think Michel intended rule #2 to exclude smaller installs
with just a few users who don't have any e-mail being
forwarded to them. I'm pretty sure his recommendations are
for larger organizations (like ISPs or large corporations)
who don't really have a handle on what exactly their users
are doing with the accounts. Those are the installs that
need to be careful about accidentally blocking someone's
forwarding.
I wish it was that simple. Even for my personal (read: 2 home users
including me) domain, I have to deal with the forwarders situation.
Little flash-back: as explained before, "forwarders" is a very generic
term. Among the things that are potential annoyances are:
- I buy and sell on eBay.
- I am subscribed to way too many mailing lists and it is unavoidable
that they will not all upgrade right away.
- Although I pop3 most of my multiple external accounts into my Exchange
inbox, there are some that I can _not_ pop such as mpy(_at_)ieee(_dot_)org
because
the base mechanism is forwarding.
- I also manage a few mom-and-pop domains, and although their forwarders
issue is not as complex as mine, it does exist.
- NTM that a lot of people I email from/to are about as crazy as I am.
In short: although I would like to, it is unsafe to assume that even the
smaller setups can ignore the forwarders issue.
Now, back to David's point:
David McNett wrote:
I dislike this plan because it steals my ability to use -all.
I have no forwarding concerns for my domains and I *want*
people to be treating my SPF records as gospel. Without an
-all-i-really-mean-it option, SPF is crippled for people who
don't have concerns over forwarding/SRS issues.
David, you both miss my point and make it at the same time.
I *want* people to be treating my SPF records as gospel
ME TOO, which is why I did publish with -all in the first place. I'm not
saying we're all in the same boat WRT this, but lots of us are (see
stats on the ML not too long ago). You're preaching the choir here, the
issue is not what we *want*, the issue is that we can't deliver it as of
today because of the forwarders issue.
Let's try again:
a) We are about to launch a marketing/PR campaign. The goal is to
convince David that he needs to publish an SPF record for his domain,
and that what he publishes ends with -all. A little bird has told me
that we could convince David.
b) What the marketing/PR campaign could <cough> forget to tell David is
that publishing -all on his record will not yield the results that the
marketing has suggested right away. This is the fault of the <cough>
marketing guys, naturally; they don't understand the technicalities, do
they? <cough>
c) This text will self-destruct in 30 seconds.
What we certainly don't want to tell David is that indeed we did know
about what's mentioned above in b). All we care is that we get a million
Davids to publish.
d) I never wrote this. This is a dream.
What we _absolutely_ don't want David nor the 999,999 other ones we
signed up to know is that there are two ultimate goals in this:
d1) david(_at_)corporate(_dot_)com, frustrated because he's been conned
by the marketing guys, wants to make it work and gets on
the ass of forwarders so they finally update their stuff,
allowing everyone to reject on -all.
d2) david(_at_)mom-and-pop(_dot_)com, frustrated because he's been
conned by the marketing guys, also wants to make it work
and says "screw it, I'm gonna reject on -all no matter
what they say because it's not going to change anything
for me anyway".
Set aside the uncomfortable feeling of being manipulated, what do you
think?
Michel.