[...]
Agreed on [...] portion.
But I do not agree that ~ is 0.5 or that ? is 0.1.
Matthew.van.Eerde wrote:
I was thinking on the lines that ~ means "all bets are off" - so
there's a 50% authorization. From a conditional probability
perspective, conditioning on a 50% chance is a no-op.
Correct and agreed.
[...]
I agree that the assignment of 0.1 to ? is arbitrary. Perhaps ? should
continue to mean SOFTFAIL and not have any probability assigned to it.
Agreed. My previous outlined the danger of setting any value to this:
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200408/1072.html
Or perhaps it has probability 0+, or epsilon, for some sufficiently
small value of epsilon. ;)
Disagree as per previous post above.
If the include recursively returned (say) a result of 0.75, that
would be multiplied by the 0.85.
AccuSpam wrote
No I would not do that. That is not mathematically correct.
I would just return the probability of the rule which caused exit
from the SPF rule chain.
But I don't necessarily trust the included partner as much as I trust
myself. If I own the included domain, I'd use a prefix of 1, or +, or
leave it out. That would return your result. But I'd like to be able
to control the authority I give to my partners to a finer degree than
just "I trust this guy, and that guy, and that guy over there."
Say I trust partner.example.com with 80% probability. But they
subcontract to subcontractor.example.com with 90% probability of trust.
My trust of subcontractor.example.com is only (80% * 90%) = 72%.
my.example.com: v=spf2... 0.8include:partner.example.com
partner.example.com: v=spf2... 0.9include:subcontractor.example.com
subcontractor.example.com: v=spf2... mx -all
Yes I agree. I misunderstood previously. I thought you meant chaining the
probabilities of each rule (token) in your SPF line as they did not match. You
mean chaining the includes. Agreed.