Mark Lentczner wrote:
Several alternative syntaxes have been proposed that would make such a
thing simpler, and fit in only one record. Indeed, we thought of some
too. We rejected them because, for better or worse, SPF is actually
deployed and we are wary of changes to the syntax that will break
existing parsers. Success has its downsides!
Using modifiers does not change the syntax and will not break existing
parsers.
Along these lines, I'm looking for a reasonable example that motivates
such a situation. The above example is too contrived:
Let's take a real example: AOL never says "EHLO aol.com". So their SPF
record could be
"v=spf1 s=-h ip4:152.163.225.0/24 ... s= -all".
("s=-h" means "ignore the following mechanisms if the scope is "helo").
Or another example: My sever says "HELO mail.pamho.net" and
"MAIL FROM: <(_dot_)(_dot_)(_dot_)(_at_)pamho(_dot_)net>. So the SPF records
could be:
pamho.net TXT "v=spf1 s=-h ip4:81.221.18.146 -s= -all"
mail.pamho.net TXT "v=spf1 s=h ip4:81.221.18.146 -s= -all"
With these two SPF records old parser will accept mail from 81.221.18.146
saying
"MAIL FROM: <(_dot_)(_dot_)(_dot_)(_at_)pamho(_dot_)net>" or "MAIL FROM:
<(_dot_)(_dot_)(_dot_)(_at_)mail(_dot_)pamho(_dot_)net>".
(This is not what I intented but it does not break anything).
And new parsers will reject mail saying
"MAIL FROM: <(_dot_)(_dot_)(_dot_)(_at_)mail(_dot_)pamho(_dot_)net>" or "HELO
pamho.net".
I think that is true for many domains (yahoo.com, netscape.com,
compuserve.com, linux.org, msn.com, etc.).
Roger