spf-discuss
[Top] [All Lists]

PermError in spf-01

2005-05-20 21:23:06
wayne wrote:

BTW, I don't think anyone is rejecting on PermError now.

Mark said it several times in the IRC log.  Apparently
Sendmail Inc. does it for an invalid include, see spf-help:

<http://mid.gmane.org/42782562(_dot_)5596(_at_)xyzzy(_dot_)claranet(_dot_)de>
<http://mid.gmane.org/42783CF1(_dot_)70AD(_at_)xyzzy(_dot_)claranet(_dot_)de>
<http://mid.gmane.org/20050504123122(_dot_)F1B4(_dot_)STEVE(_at_)teamITS(_dot_)com>

It's also documented in draft-newton-maawg-sp-cosiderations-00:

| Under SPF Classic (Section 2.1.2), if an "include" mechansim
| references a non-existent SPF record, SPF processing against
| all email for the domain making the reference would result in
| a PermError state and consequent permanent SMTP rejection of
| the email.

I've yet to see a reject because of this

See above.

The "SHOULD reject on PermError" is a creation from the MARID
process.

Of course.  4xx would only delay the error handling.

Given that all specs say PermError MUST be treated as None

That's not the case, the last SPF spec. published today says
(incorrectly) "like SOFTFAIL" = 4xx, and the previous spec.s
back to schlitt-00 / lentczner-00 had a "SHOULD reject" (5xx).

strong evidence that existing implementations don't treat
PermError as None.

See above.  It was also discussed in spf-devel with two persons
trying to implement SPF (no idea what the result is), and in
other threads about SPF (e.g. in de.admin.net-abuse.mail).  Bye