-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
AccuSpam wrote:
Perhaps no number defaults to "1"?
I'm taking 1 = fully authorized, 0 = totally unauthorized.
"No prefix" defaults to + currently. + means the same as 1. So, yes.
Agree except that + is 0 and - is 1 (because I wrote
"probability it is forgery" unless you reverse my definition
which is fine with me), absense any prefix in your suggestion.
Yes, I'm reversing your definition. :)
But I do not agree that ~ is 0.5 or that ? is 0.1.
I was thinking on the lines that ~ means "all bets are off" - so
there's a 50% authorization. From a conditional probability
perspective, conditioning on a 50% chance is a no-op. Consider a
Bayesian spam content analysis with a token that appears equally in
spam and good email.
I agree that the assignment of 0.1 to ? is arbitrary. Perhaps ? should
continue to mean SOFTFAIL and not have any probability assigned to it.
Or perhaps it has probability 0+, or epsilon, for some sufficiently
small value of epsilon. ;)
If the include recursively returned (say) a result of 0.75, that
would be multiplied by the 0.85.
No I would not do that. That is not mathematically correct.
I would just return the probability of the rule which caused exit
from the SPF rule chain.
But I don't necessarily trust the included partner as much as I trust
myself. If I own the included domain, I'd use a prefix of 1, or +, or
leave it out. That would return your result. But I'd like to be able
to control the authority I give to my partners to a finer degree than
just "I trust this guy, and that guy, and that guy over there."
Say I trust partner.example.com with 80% probability. But they
subcontract to subcontractor.example.com with 90% probability of trust.
My trust of subcontractor.example.com is only (80% * 90%) = 72%.
my.example.com: v=spf2... 0.8include:partner.example.com
partner.example.com: v=spf2... 0.9include:subcontractor.example.com
subcontractor.example.com: v=spf2... mx -all
The mail comes from an MX of subcontractor.example.com.
The receiving mail server does a DNS lookup on my.example.com
Then it cascades through to partner.example.com
with an attached 0.8
Then it cascades through subcontractor.example.com
with an attached 0.9 - carry the 0.8 for an effective 0.72
subcontractor.example.com returns PASS (1) for an effective 0.72
overall
This will encourage email providers/partners to rigorously monitor
their sending agents, so they can set their SPF records to
all-ones-and-a-0all
Matthew(_dot_)van(_dot_)Eerde(_at_)hbinc(_dot_)com
805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -e"map{y/a-z/l-za-k/;print}shift" "Jjhi pcdiwtg Ptga wprztg,"
-----BEGIN PGP SIGNATURE-----
Comment: pub key http://matthew.vaneerde.com/pgp-public-key.asc
iD8DBQFBLOm6UQQr0VWaglwRAksxAJ0X2oVjuN8K8Xtsv+qmi9pivVAczACgo4ZQ
r4Al/grv4pNZaKURqsoasTw=
=LpES
-----END PGP SIGNATURE-----