> Seems reasonable and well thought out. I have some things to add
> (haven't read your citations in-depth)
Thank you.
> FIRST: I'd suggest reversing the syntax - have the numbers be
> replacements for the prefix. This allows for a simple extension of the
> existing syntax.
May be very helpful. Let us analyze.
> Possible prefixes:
> 1(.0+)? - email from this chunk of the spf record is DEFINITELY
> AUTHORIZED (PASS)
Perhaps no number defaults to "1"?
> 0(.0+)? - email from this chunk of the spf record is DEFINITELY
> UNAUTHORIZED (FAIL)
> 0\.\d+ - email from this chunk of the spf record is POSSIBLY AUTHORIZED
> (UNKNOWN)
> So + is a synonym for 1, - is a synonym for 0, ~ is a synonym for 0.5,
> and ? is a synonym for 0.1 (for some value of 0.1)
Agree except that + is 0 and - is 1 (because I wrote "probability it is
forgery" unless you reverse my definition which is fine with me), absence any
prefix in your suggestion.
But I do not agree that ~ is 0.5 or that ? is 0.1. They are forever ambiguous
in terms of probability, because they are already used under the previous
ambiguous definitions. Actually I think ? means "do not know" or "neutral" and
since you cannot do anything then it is essentially the same as PASS,
depending on the receiver's interpretation of "neutral".
> So you could have things like
> v=spf2 1mx 1a 0.85include:partner.example.com 0.5ptr 0.15all
I like it! Different rules have different probabilities, because domain might
be comprised of different groups.
> If the include recursively returned (say) a result of 0.75, that would
> be multiplied by the 0.85.
No I would not do that. That is not mathematically correct. I would just
return the probability of the rule which caused exit from the SPF rule chain.
> SECOND:
> The probability of spam-ness depends not only on where it comes from,
> but where it goes. Perhaps macros could be developed to take into
> account things like:
> Does the email cross continental boundaries?
> Does the email go from a .biz to a .com?
> Is the recipient an organization which is well-known to the sender? Or
> vice versa? (That is, does
> sender-dot-example-dot-com.whitelist._spf.recipient.example.com exist?
> With a probability tied to it between zero and one?)
That is out of the scope of SPF (anti-forgery). The receiver's anti-spam can
get that information independently.
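A small parser for the numeric-prefix syntax floated in this thread, added here as an example and not code from the thread or any SPF implementation. It assumes the number is the probability that matching mail is AUTHORIZED (the proposer's reading; the reply's "probability of forgery" reading is 1 minus that), that a missing number means 1, that ~ and ? stay unmapped as the reply argues, and that evaluation returns the value of the first matching term with no multiplication through include.

```python
import re

# Constructed sample record using the syntax proposed above (not a real domain).
EXAMPLE_RECORD = "v=spf2 1mx 1a 0.85include:partner.example.com 0.5ptr 0.15all"

# Synonyms the thread agrees on. "~" and "?" are deliberately left as None:
# the reply argues they cannot be assigned a fixed probability.
SYNONYMS = {"+": 1.0, "-": 0.0, "~": None, "?": None}

# prefix: a classic qualifier, or 1(.0+)?, or 0(.\d+)? as listed in the thread;
# mech: the mechanism name; arg: optional ":value" or "=value".
TERM_RE = re.compile(
    r"^(?P<prefix>[+\-~?]|1(?:\.0+)?|0(?:\.\d+)?)?"
    r"(?P<mech>[a-z]+)(?:[:=](?P<arg>.*))?$",
    re.IGNORECASE,
)


def parse_record(record):
    """Return a list of (mechanism, argument, probability_authorized)."""
    fields = record.split()
    if not fields or fields[0].lower() != "v=spf2":
        raise ValueError("not a v=spf2 record")
    terms = []
    for field in fields[1:]:
        m = TERM_RE.match(field)
        if not m:
            raise ValueError(f"cannot parse term {field!r}")
        prefix = m.group("prefix")
        if prefix is None:
            prob = 1.0  # no number defaults to 1, as suggested in the thread
        elif prefix in SYNONYMS:
            prob = SYNONYMS[prefix]
        else:
            prob = float(prefix)
        terms.append((m.group("mech").lower(), m.group("arg"), prob))
    return terms


def evaluate(terms, matches):
    """Probability of the term that ends evaluation, per the reply: the first
    matching mechanism's own value, not a product of nested results.
    `matches(mech, arg)` is a caller-supplied predicate (assumed interface)."""
    for mech, arg, prob in terms:
        if matches(mech, arg):
            return prob
    return None  # nothing matched: no authorization statement at all
```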