At 03:13 PM 3/25/2005 +0100, Frank Ellerman wrote:
Andy Bakun wrote:
>> I raise this question now, because it will be a lot easier
>> to modify the standard now than later.
> Is this actually true? Can we get this verified? What kinds
> of changes can be made to the spec at this point? I thought
> someone had said effectively "not many".
Anything which doesn't break valid policies is not completely
off limits. If some old implementations are more liberal than
the actual standard says it's also tolerable. Otherwise it's
v=spf2 or spf2.0. For spf2.0 it must not break Sender-ID, and
it should include positional modifiers. For v=spf2 it can be
anything.
So, for example, we could add to Section 4.4 of draft-schlitt-spf:
The DNS query SHOULD include <ip>, the address of the SMTP client that is
injecting the mail. This information MAY be used by the <domain> owner for
rapid response to forgery attempts, zombies within their network, errors in
their SPF record, etc.
This would not break any existing implementations and would not
significantly increase the size of the query packet.
-- Dave
************************************************************* *
* David MacQuigg, PhD * email: dmquigg-spf(_at_)yahoo(_dot_)com *
*
* IC Design Engineer * phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* * 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. * Tucson, Arizona 85710 *
************************************************************* *