spf-discuss
[Top] [All Lists]

Re: [SPF v1 Draft] Last chance before I submit...

2004-10-12 05:26:00

On Mon, 11 Oct 2004, Mark Lentczner wrote:

Friends -

Thanks so much for all the feedback, review, comments, suggestions, 
corrections, and encouragement on the draft for SPF v1.  I have read 
and sifted all the input and made numerous changes, mostly very small, 
to produce this latest version:
      http://www.ozonehouse.com/mark/spf/draft-lentczner-spf-00pre2.html
      http://www.ozonehouse.com/mark/spf/draft-lentczner-spf-00pre2.txt

Nothing major, but I do have some comments of what maybe improved...

------------------------------------------------------------

3.1.6  Wildcard Records

It is not wildcard record that is repeated twice its spf record, once
with wildcard and once without. I recommend changeas as follows:

-  Notice that the wildcard records must be repeated twice for every
-  name within the domain: Once for the name, and once to cover the tree
-  under the name.

+  Notice that spf records must be repeated twice for every name within
+  the domain: Once for the name, and once with wildcard to cover the 
+  tree under the name.

--------------------------------------------------------

4.6 Record Evaluation

An extra line before "Note:" seems appropriate, changes as follows:

-  return "PermError" if the record is not syntactically well formed.
-  Note: Unrecognized mechanisms are still syntactically well formed.
-  See Section 7.1.

+  return "PermError" if the record is not syntactically well formed.
+
+  Note: Unrecognized mechanisms are still syntactically well formed.
+  See Section 7.1.

--------------------------------------------------------

4.6.3  Modifiers

-  Modifiers MAY appear anywhere in the record, but SHOULD appear at the
-  end, after all mechanisms.  Ordering of modifiers does not matter.

Ordering sometimes does matter, especially with redirect modifier.
Consider the following two lines:

v=spf1 mx -all redirect=r2._spf.example.com
v=spf1 redirect=r2._spf.example.com mx -all

Are they really the same to the spf interpreter? How about this:

v=spf1 mx -all explain=explain.spf.%{d} redirect=r2._spf.example.com
v=spf1 redirect=r2._spf.example.com explain=explain.spf.%{d} mx  -all

So I recommend removing "Ordering of modifiers does not matter" phrase from
this section. Entire section may possibly need to be changed to:

+  Modifiers MAY appear anywhere in the record, but SHOULD appear at the
+  end after all mechanisms. "redirect" modifier SHOULD appear
+  at the end of record after all other mechanisms and modifiers.

--------------------------------------------------------

Some of the feedback required some decisions on my part:

1) "v=spf1" is case-*in*sensitive, as are all the quoted literal 
strings in the grammar
Thank you. I'll immediatly go back to using "v=SPF1 ..."
 
2) Modifiers are all global and singular.  New versions of SPF can do 
what they like.  Since SPF v1 only has two modifiers, and they are both 
global and singular, there is no reason to complicate things.
As long as you don't say that ALL modifiers MUST be global and singular 
that is fine. If new modifier is defined that is plural, it'll be
ignored per current definition but that its plural should not be
against spcs.

3) Kept the new RR type text, far from slowing down the experimental 
RFC process, it will probably speed it up as the DNS-EXT folks will 
almost certainly want it added back if it is missing.

4) Kept the "Domains SHOULD publish ... -all" language.  Whether or not 
this is where SPF can or should go, it seems clear that this was the 
original intent of SPF v1.
It was but if you use same logic as for adding RR in 3, you'll see that
you may have to go to stronger text to make new RR preferable...
 
-- 
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net


<Prev in Thread] Current Thread [Next in Thread>