On a topic tangentially of interest to spf, but not directly
spf-related:
It would be convenient for MUA's if there were a header item that said:
"I fully and completely trust the previous MTA."
If there were such a claim, (placed in or above Received), then MUA's
could know they could trust the authentication and other headers one-hop
backwards.
MTA's internal to an organization could be configured to always proclaim
full trust in their border MTA's. MUA's reading mail from those
internal MTA's would then be able to trust the authentication headers
added way back at the the border MTA--and all without any user-level
configuration whatsoever.
So my questions are:
1. Any thoughts on whether this would be a good or bad idea?
2. Any thoughts on where this statement could best be placed?
Some possibilities:
1. I'm wondering if it could be added as an additional "with"
item in Received. "with complete-trust-of-previous-mta",
(or something shorter)
2. In the authentication-results header, (received-spf seems too
spf-specific.)
3. In a header of it's own, say: "X-trust-previous-hop:"
--
Mark Shewmaker
mark(_at_)primefactor(_dot_)com