spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Using "v=spf1/scope1,scope2,scope3 " as ascoping syntax

2004-11-01 10:27:15
from [Frank Ellermann] [Permanent Link] 
Mark Shewmaker wrote:

 [3]

Allow people to add pra scope to their spf records via an
"op" modifier, but don't allow for pra and mailfrom scopes
to differ.


The solution for _different_ policies is TTBOMK:

IN TXT "v=spf1 mail-from-stuff"
IN TXT "spf2.0/pra sender-id-stuff"

With your proposal that would be very similar:

IN TXT "v=spf1 mail-from-stuff"
IN TXT "v=spf1/pra sender-id-stuff"

There's nothing like scope modifiers or %{e] in Sender-ID, so
two records are the only solution for _different_ policies.

JFTR:  There's also no only=pra or only=mfrom, and therefore
IN TXT "spf2.0/pra,mfrom mixed-stuff"
has exactly the same effect as a hypothetical "opt-in" as in
IN TXT "v=spf1 mixed-stuff op=pra"

"v=spf1 op=pra" and "spf2.0/pra,mfrom" are equivalent.  Until
they add something like only= to spf2.0, then different scopes
in one spf2.0 record might work.


Hold-your-nose solution:  Positional modifiers.


Yes, I'm not holding my nose, scope modifiers are even worse.


I have to hold my nose at my own solution too


Your solution does not rape existing v=spf1 records, that's a
major difference.  But syntactically your idea is the same as
Sender-ID for _different_ policies:  minimally two records.

For _different_ policies your solution uses up to six records:

IN TXT "v=spf1 mfrom-plus-helo-stuff"
IN TXT "v=spf1/mfrom mfrom-only-stuff"
IN SPF "v=spf1/mfrom mfrom-only-stuff"
IN TXT "v=spf1/helo helo-only-stuff"
IN HLO "v=spf1/helo helo-only-stuff"
IN TXT "v=spf1/pra pra-only-stuff"
There will be never a PRA RR, the IESG won't allow it. <gd&r>


If your scope includes mailfrom, add an "op" modifier to
your record.


That's a new idea, please use another name for it to avoid any
confusion.  The "op=" was never meant to be required, not in
the "other protocols" version (with an op=any), not in "other
tests" (ot=), and not in "other properties" (without op=any).

A v=spf1 policy without op= / ot= / p= is MAIL FROM only (plus
minus HELO depending on the v=spf1 draft resp. implementation).


If your scope doesn't include mailfrom, start the record with
'v=spf1/scope1,scope2,... "


As in "spf2.0/pra" or in "spf2.0/foo,bar" (foo != mfrom != bar)

                      Bye, Frank
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Using "v=spf1/scope1,scope2,scope3 " as ascopingsyntax, Mark Shewmaker
Next by Date:  Re: purely dual-format approach, wayne
Previous by Thread:  RE: Using "v=spf1/scope1,scope2,scope3 " as ascopingsyntax, Mark Shewmaker
Next by Thread:  Re: Re: Using "v=spf1/scope1,scope2,scope3 " as ascoping syntax, Mark Shewmaker
Indexes:  [Date] [Thread] [Top] [All Lists]