spf-discuss
[Top] [All Lists]

Re: Re: When did we lose control?

2004-10-18 16:09:13
On Mon, Oct 18, 2004 at 10:07:07AM -0500, wayne wrote:
| >
| > It's what Roger (IIRC) said, SPF stands for "sender policy",
| > not "receiver".  IMHO an obvious bug which has to be fixed.
| > Only one FAIL is better, clearer, and shorter => KISS.
| 
| Mark has argued strongly that it the new concept of what "fail" is is
| not a bug, it is a very deliberate feature.
| 

just to give some historical context, a long time ago we all
originally agreed that a nonexistent domain should certainly
return a FAIL and be rejected, because any sane MTA does
A/MX lookups against the return path domain anyway and
rejects if it gets back NXDOMAIN.  so the FAIL response was
an optimization for that logic.

and then we found that some DNS servers will return NXDOMAIN
if queried for a TXT record that does not exist --- even if
there are A or MX entries for that domain.  so that's a bug
in whatever DNS server that was.  but it was big enough that
instead of trying to optimize that logic into SPF we just
stopped doing FAIL.

so that's the history.  if someone could find the original
threads it would be useful to refer to them here.