-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of
Martin G. Diehl
Sent: zondag 27 februari 2005 17:05
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] Email Forwarder's Protocol ( EFP )
Feb 26 13:46:55 dbmail-mx4 sm-mta[16402]: j1Q0kopx016402:
ruleset=check_mail, arg1=<rochelleandpeter(_at_)xtra(_dot_)co(_dot_)nz>,
relay=[210.54.64.175], reject=451 4.7.1 Please see
http://spf.pobox.com/why(_dot_)html?sender=rochelleandpeter(_at_)xtra(_dot_)co(_dot_)
nz&ip=210.54.64.175&receiver=dbmail-mx4.orcon.co.nz:DNS
error while looking up 175.64.54.210.in-addr.arpa PTR:SERVFAIL
It is possible to make SPF not do this checking and allow
sendmail do it?
As per the specs, rejecting is up to the MTA:
2.5.6 TempError
A TempError result means that the SPF client encountered
a transient error when performing the check.
OK ... 'TempError' results from a 'transient error'.
I suppose that a 'transient error' is some error condition
that has caused a failure and cannot be corrected, but will
not be an error condition at some future time.
Right?
I would say, the condition for the error remains unchanged; but, over
time, the error itself is likely not to exist any more; such as DNS lookup
errors, as in the above log-entry. Such errors are usually really
'transient', in that they are likely to go away all by themselves.
I don't see how it could be possible for the SPF client
to determine NOW that the error will be corrected in the
FUTURE?
The other side of this coin is true, too: there is no way for SPF to know,
with certainty that, say, the DNS error is really a permanent condition.
As with all net-congestion/DNS propagation, ere the opposite is true: you
are likely to get a good response when you try a bit later. Which is what
TEMPFAIL tells the connecting client: try your luck again in wee while.
The terms 'TempError' and 'transient error' bother me
by being too imprecise.
According to the dictionary: "transient", Passing with time; transitory
(...) Remaining in a place only a brief time (...) ETYMOLOGY: Alteration
of Latin transiens, transeunt-, present participle of transire, to go
over.
Personally, I believe that pegs the meaning of 'transient error' with
great accuracy. ;)
Perhaps 2.5.6 should be called 'Incomplete'. As an
example, that could occur if the SPF client was unable
to get any DNS response.
Could we consider this rewording?
2.5.6 Incomplete
An Incomplete result means that the SPF client
encountered an error that prevented it from
performing the check. Checking software may
be configured to accept or temporarily reject
the message. If the message is rejected during
the SMTP transaction for this reason, the
software SHOULD use an SMTP reply code of 451
and, if supported, the 4.4.3 DSN code.
"Incomplete", to me, suggests, say, a truncated DNS record (because it
would not fit in a packet). And I would ere associate "Incomplete" with
PermError.
Furthermore, if you mention 'transient error', everybody knows immediately
what you mean. I doubt people would have the same connotation with
"Incomplete".
Cheers,
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx