spf-discuss

RE: For SPF council review: NOT RECOMMENDED

2005-05-09 09:22:27
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of wayne
Sent: Monday, May 09, 2005 9:06 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] For SPF council review: NOT RECOMMENDED


In <x4br7kvagz(_dot_)fsf(_at_)footbone(_dot_)schlitt(_dot_)net> wayne 
<wayne(_at_)schlitt(_dot_)net> writes:

In 
<Pine(_dot_)LNX(_dot_)4(_dot_)62(_dot_)0505090119450(_dot_)26914(_at_)sokol(_dot_)elan(_dot_)net>
"william(at)elan.net" <william(_at_)elan(_dot_)net> writes:

--
Without explicit approval of record owner, checking other identities
against v=spf1 records is NOT RECOMMENDED, because there are cases
(e.g. Section 9.3) that are known to give incorrect results."
--

I like that.  Along with the changes suggested by Julian (and others),
it now reads:


Julian and I talked this over on the #spf IRC channel, and came up
with this paragraph:

         Without explicit approval of the record owner, checking other
         identities against SPF version 1 records is NOT RECOMMENDED
         because there are cases that are known to give incorrect
         results.  For example, most mailing lists rewrite the "MAIL
         FROM" identity (see <xref target="mailing-lists"/>), but
         some do not change any other identities in the message.  The
         scenario described in <xref target="forwarding"/>.1.2 is
         another example.  Documents that define other identities
         should define the method for explicit approval.


As an alternative, we discussed defining an additional-scopes= modifier
to say which scopes, besides the implicit MAIL FROM and HELO scopes,
should be approved by the domain owner.  In the end, we decided that
kicking the problem of defining "explicit approval" off on others would
be simpler and less constraining.


Comments welcome.


-wayne

Adding the without approval language takes care of uses like the AOL Dynamic
Sender list:

http://postmaster.aol.com/spf/about.html

They use SPF records less the PTR mechanism.  Since you have to ask to be on
the list, I'd say explicit approval takes care of that.

BTW, this is a use that is compliant with your proposed wording that
wouldn't have been under the alternative I proposed (since they don't use
PTR, the result is not identical in all cases).

Scott K
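
The mailing-list case from the proposed paragraph, as an added example that is not part of the original thread: a simplified SPF check (only `ip4` and `all` are handled; the domains, addresses and records are constructed) in which the rewritten MAIL FROM passes while the unchanged header From, checked against the author's v=spf1 record, fails for a legitimate list post.

```python
import ipaddress

# Constructed v=spf1 records (documentation domains and address ranges).
SPF_RECORDS = {
    "example.org": "v=spf1 ip4:192.0.2.0/24 -all",           # author's domain
    "lists.example.net": "v=spf1 ip4:198.51.100.0/24 -all",  # mailing list host
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def check_host(ip, domain):
    """Evaluate a simplified v=spf1 record: only ip4 and all are supported."""
    record = SPF_RECORDS.get(domain)
    if record is None or record.split()[0] != "v=spf1":
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:"):
            if addr in ipaddress.ip_network(term[4:], strict=False):
                return QUALIFIERS[qualifier]
        else:
            return "permerror"  # mechanism outside this sketch
    return "neutral"

def domain_of(address):
    return address.rsplit("@", 1)[1].lower()

def evaluate(message):
    """Return SPF results for the MAIL FROM identity and for the header From."""
    ip = message["client_ip"]
    return {
        "mail_from": check_host(ip, domain_of(message["mail_from"])),
        "header_from": check_host(ip, domain_of(message["header_from"])),
    }

# Constructed message: a list post relayed by the list server, which rewrote
# MAIL FROM to its own bounce address but left the header From untouched.
LIST_POST = {
    "client_ip": "198.51.100.25",
    "mail_from": "discuss-bounces@lists.example.net",
    "header_from": "alice@example.org",
}

if __name__ == "__main__":
    print(evaluate(LIST_POST))
```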