Matthew(_dot_)van(_dot_)Eerde(_at_)hbinc(_dot_)com wrote:
I think most domains will run black/white SPF domains where the authoritative
constants are all 1, with a final 0all. But it's still a good idea to build
flexibility into SPF to encourage adoption.
Hmm...I guess the question is, is the added flexibility worthwhile
enough to justify a significant increase in complexity? I see a few issues:
- SPF checking libraries will no longer be returning a nice, simple,
multiple-choice response. They'll be returning a probability. This
changes and complicates the interface with other programs.
- Currently, the way the MTA is supposed to react to each of the
possible SPF returns is pretty cut and dried. When you throw in
probabilities, it becomes much hazier. At what point do I bounce the
mail? 95%? 90%? 50%? Everyone will make their own choices, and we no
longer really have a standardized, predictable response. The whole
thing becomes much more non-deterministic. Different sites will be
treating the same SPF record completely differently.
- This would be enough of a change to the syntax to require a new
version string and new versions of all the libraries. Is it worth it?