"Frank Ellermann" replied:
Chris Haynes wrote:
How's that?
In the discussions about the XML Caller-Id stuff one argument
was that most MTAs are not really interested to do a http GET.
There are four parties in your I18N scenarios:
1 - the owner of a domain defines a sender policy (incl. exp=),
2 - a user of addresses in this domain sending his mail with...
3 - ...an MSA not allowed to send any MAIL FROM "1" addresses.
4 - the recipient (or rather his MX).
"4" rejects the mail based on a SPF FAIL result, and optionally
includes the exp= string found with the sender policy of "1".
"3" has to create a bounce for "2", and probably "3" inserts
the error message of "4" literally. With your idea "3" would
have to GET (http resp. https) the text of the URL. But "3"
doesn't know the language preferences of "2", only the browser
of "2" knows these language preferences. Therefore I still
think that "2" (= the user) should GET the exp= URL, not "3".
Bye, Frank
The human language used in a Web page is purely determined by the author of that
page. Nothing the browser or "3" knows or says (normally) affects that. So
whoever writes that page has complete control over its content.
BTW, there is no need to constrain a web page to a single human language - you
can have several if you wish.
Using your numbering, "1" writes the SPF explanation (i.e. the URL) and also
writes (or has control over) the content of the corresponding page.
So it is "1" who makes the decision on the language to be used. The only 'good
guys' who will see the page are (I think) members of "2", the users in the
domain she manages. So she can write the page using the language or languages
she knows her domain-users prefer.
Remember, use of this URL feature is an option. Those domains who wish to make
it as easy as possible for end users to support themselves will probably use it.
Those for whom a brief English message is sufficient, who don't have a web
server available or who would rather handle support requests manually, can do
so.
All these decisions are within the scope of the sending domain policy.
The only time a decision is outside of "1"s control is if the bounce message is
being created by a "3" later than SMTP-time (e.g. when using one of the
non-SPF-classic tests). In this case "3" may not have implemented this
(optional) auto-insertion, so the user "2" will just see the (macro-expanded)
explanation text..
Chris