spf-discuss

RE: For SPF Council review - PASS Definition - was: People keep misunderstanding what "Pass" and "Neutral" mean

2005-05-18 06:11:36
-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Bill 
Taroli
Sent: Tuesday, May 17, 2005 11:53 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] For SPF Council review - PASS Definition -
was: People keep misunderstanding what "Pass" and "Neutral" mean


Sorry for lack of quoting.... seems like quite a tangle indeed! Is there
a decent reference to what scenarios result in these various statuses? I
think I've got a good grasp of PASS, FAIL, and NONE. But I'm not as
clear what leads to NEUTRAL or SOFTFAIL.

But, to me, in much plainer English than I've been reading so far (wow),
this is what these terms mean to me:

  NONE       No advice
  NEUTRAL    Can't say, but I had a lead (e.g. include failed)
  SOFTFAIL   <<no idea on this one>>
  FAIL       Shred it now... don't open it.
  PASS       We'll vouch for it, but follow best practices anyway.

From my standpoint SPF is much like the other scans we put mail
through. We scan for negative results, not positive. And to me, the only
two statuses that seem to be able to assert anything in the affirmative
are FAIL and *possibly* SOFTFAIL. The rest give some assurance, but
aren't the final word on the subject... which is probably why there's so
much difficulty pinning down the meaning. In the end SPF will not
eliminate the need for other checks, but strives to give us another tool
in the battle.

Anyway... that's just my $0.02.

Bill

Definitely just another tool...

Different people will use SPF for different things.  Rejecting forgeries
(looking for fail) is no doubt the most common.

But wouldn't it be nice to take an SPF PASS piece of SPAM and use that to
add the sending domain to a domain based blacklist?  Then no matter where
they send from, you know it's a spammer.  That would be one more tool in the
battle....

  NONE       No advice
  NEUTRAL    Can't say, but I had a lead (e.g. include failed)
actually, include failed is a PermError, see below.  I'd describe this more
as won't say because it could go either way depending.
  SOFTFAIL   <<no idea on this one>>
Probably forged, but I'm not sure.  Approach with caution and if you get one
of these, I wouldn't mind hearing about it as there may be one of my users
out there doing something I didn't know about.
  FAIL       Shred it now... don't open it.
  PASS       We'll vouch for it, but follow best practices anyway.
TempError      Hold off and try again in a little while, something is broken
PermError      Something is broken and it won't get better.  You ought to
wonder about this one.

Just my interpretation.  The spec is still the best reading:

http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-01pre7.html
http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-01pre7.txt
http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-01pre7.nr
http://www.schlitt.net/spf/spf_classic/draft-schlitt-spf-classic-01pre7.xml

Scott K
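
As an added example (not written by either poster and not taken from the SPF project), here is a minimal Python sketch of how a record's qualifiers and the include mechanism produce the results discussed in this thread, following the include rules in RFC 4408 section 5.2. The domain names, the records and the `check_host` signature are constructed for illustration, and only `all`, `ip4` and `include` are handled.

```python
import ipaddress

# Constructed sample records standing in for DNS TXT lookups (assumption:
# the *.example names and their policies are made up for this illustration).
RECORDS = {
    "pass.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "neutral.example": "v=spf1 ip4:192.0.2.0/24 ?all",
    "softfail.example": "v=spf1 ip4:192.0.2.0/24 ~all",
    "incl.example": "v=spf1 include:pass.example -all",
    "broken.example": "v=spf1 include:missing.example -all",
    "noall.example": "v=spf1 ip4:192.0.2.0/24",
}

# The qualifier in front of the first matching mechanism decides the result.
QUALIFIERS = {"+": "Pass", "-": "Fail", "~": "SoftFail", "?": "Neutral"}


def check_host(ip, domain, records=RECORDS):
    """Evaluate a simplified SPF record; returns the result name as a string."""
    record = records.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "None"  # the domain publishes no SPF record: no advice
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = "+"  # a mechanism without a qualifier defaults to "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "all":
            matched = True
        elif name == "ip4":
            matched = addr in ipaddress.ip_network(arg, strict=False)
        elif name == "include":
            inner = check_host(ip, arg, records)
            if inner in ("None", "PermError"):
                return "PermError"  # included domain has no usable record
            if inner == "TempError":
                return "TempError"
            matched = inner == "Pass"  # Fail/SoftFail/Neutral: just no match
        else:
            # Unknown mechanism is a syntax error; modifiers such as
            # redirect are outside this sketch and also land here.
            return "PermError"
        if matched:
            return QUALIFIERS[qualifier]
    return "Neutral"  # nothing matched and the record has no "all"
```
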

