"Stuart D. Gathman" misunderstood my logic thus:
On Wed, 18 May 2005, Chris Haynes wrote:
<snip>
What I think we are trying to make with PASS is two logically-different
declarations:
1) That the IP is authorised by the domain owner to send messages on its
behalf,
That is what NEUTRAL is for, although I'd say "use of the IP to send
messages for the domain has not been explicitly prohibited". The way
you word it, it sound like you are asking for a SOFTPASS (the IP has
our permission to send from our domain, but we don't fully trust it).
SOFTPASS might be useful for outsourced mass mailers. I would probably
end up treating it the same as SOFTFAIL for that reason.
The point of NEUTRAL is that the domain has not yet done anything about
the IP - it is still the same status as NONE, as it was before they began the
task of classifying IPs via SPF. That is why the spec says NEUTRAL == NONE.
2) That the IP is trusted by the domain owner _not_ to send messages
purporting to be from the domain that were not, in fact sent by that domain
That is what PASS is for. You are right, they are logically distinct.
<snip>
Perhaps I did not make my argument clear.
I'm suggesting that publishing PASS against an IP is making _both_ declarations
at the same time:
1) The domain sends messages via this IP
AND
2) The IP is trusted not to send forgeries
NEUTRAL is making only the first of these two declarations.
PASS means the IP is totally trustworthy from an SPF point of view.
NEUTRAL means that forgeries may also be present.
Chris haynes