spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: moving on from MARID

2004-09-25 23:12:02
from [Greg Connor] [Permanent Link] 
--wayne <wayne(_at_)midwestcs(_dot_)com> wrote:


In <3255811(_dot_)1096068892(_at_)[192(_dot_)168(_dot_)0(_dot_)2]> Greg Connor 
<gconnor(_at_)nekodojo(_dot_)org>
writes:


I think the idea to tie it and PRA together came soon after, because
we were making an effort to work with MS at the time.


No, RFROM/FRED/SUBMITTER was always tied to the PRA.



                                                       But I also
think the Submitter is distinct from the PRA in an important way: the
Submitter is a new, declared parameter, while the PRA is a heuristic
guess picked from other identities, based on how we think current mail
headers work in practice.


No, the PRA is *not* heuristic, it is supposed to be quite
deterministic so that all systems when given the same email will come
up with the same PRA.  If the PRA doesn't match the SUBMITTER value,
you are supposed to reject the email.
Sorry, I communicated poorly. If we were to check something other than the PRA, and it's in 2822 headers but not in the 2821 conversation, Submitter could be used for that too. We could tie it to X-Forwarded-For: or just call the new header Submitter: or something.
The word heuristic is probably the wrong word for what I meant. What I meant was that PRA is a formula that uses existing headers and depends on people using them just like they have been used before. Taking over Submitter for non-PRA purposes would mean that we could *set* the new headers and suggest new best practice, rather than depending on how people have used things in the past. A new Submitter: header would allow forwarders something they can do besides SRS. It would be similar to whitelisting known forwarders based on their HELO I guess, but it gives us one additional tool in the toolbox. Forwarders come in different flavors and some will like SRS, some will expect people to whitelist based on HELO or PTR, but I think if Submitter becomes available they would use that too.
Anyway. I don't feel strongly about it so I don't want to make a big deal about it. Bug me on irc some time and I'll try to explain in more detail what I think on the subject. But it's certainly not as important as getting SPF published as experimental and getting started on a new experimental RR. 


--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: draft: SPF community's position on MARID closing, John Glube
Next by Date:  Re: moving on from MARID, Mark
Previous by Thread:  Re: moving on from MARID, wayne
Next by Thread:  RE: moving on from MARID, Seth Goodman
Indexes:  [Date] [Thread] [Top] [All Lists]