spf-discuss
[Top] [All Lists]

Re: Scoping Syntax for spf1 records

2005-05-10 08:05:42
william(at)elan.net wrote:

If we have identity "sender" ("Sender" or "From") header

Oops, now that's certainly more interesting than mfrom.  It
inherits some PRA problems, but it's a cheap "anti-phishing"
idea.

(or its full variant is sc.sender=ema.mfrom)

Now I get it, it's what I had as op=william, later op=rfc822,
before I removed it together with op=pra, because nobody here
wanted this "equivalence" (excl. you, me, and IIRC Stuart)

I hope you still remember Logic 101 :)

Yes, I needed (not A => not B) == (B => A) in USEFOR.

Equivalence operators are not true "==" but "<=".

Equivalence is ==, i.e. (A == B) == ((A => B) & (B => A))
Implication is =>, e.g. (A => B) == (B <= A)

Not sure if that has anything to do with what you said, but I
don't know any name for "<=" that's different from "=>"

"v=spf1 ... -all sc.pra.submit=net" would be same as
"spf2.0/mfrom,pra,submut ..."

Okay, but you think that HELO should be separated from mfrom,
and that's a hopeless case with v=spf1.  And in spf2.0 the
"scopes"/"identities" are selected in the "version"/"magic"
at the begin of a record, so what you're talking about appeared
to be v=spf3 (maybe).

prefix must fully match up until first FWS

Right, if the sender uses a prefix he will make sure that it
matches something he has defined.

What's the point, saving a query in a backwards compatible
"version 3" implementation ?

Don't know what you mean here.

I don't see why you want to add something to "v=spf1" records
if you could just use your own "magic" / "prefix" / "version".

It's the same number of queries, -q=spf.  You get all records,
"v=spf1", any "spf2.0", new "magic", etc. until UDP is not
more good enough for all this stuff, same problem as for TXT.

If we had scopes or positional modifiers, things would have
been easier.

spf2.0 has scopes _and_ positional modifiers.

I do not see enough interest in the community for new version
of spf yet.

Definitely true as far as I'm concerned, but if what you want
fits into spf2.0 I don't see why you want to add it to v=spf1.

New implementations supporting new tricks could pick records
starting with spf2.0, and while old implementations survive
your complex modifier syntax they don't know what it means -
so just use spf2.0.

Any decent spf2.0 implementation finding no "mfrom" or "helo"
scope should pick a "v=spf1" record as fallback.  It already
has this record (if existing), it was in the reply for -q=spf.

But you and Julian continued talking about scopes

He was one nanometer from my first public *PLONK* since about a
year, and I was one nanosecond from an unsubscribe spf-discuss.

The *PLONK* was already in my outbox.  The group was already
marked as "all articles read" (that's irreversible, it deleted
all "unread" flags, my way to note pending issues).

So "continued talking about scopes" is not exactly my POV. :->

                            Bye, Frank