Mark wrote:
The overall problem on this (and similarly) outstanding
item(s), as far as I see it, is the difficulty that the
decision to make something a PermError is always closely
related to what should happen on PermError.
ACK, PermError != 5xx reject is dangerous, harmful, and bad.
Excl. post-SMTP checks for the moment.
And on that rock solid groud it's also clear that NXDOMAIN
outside of include: / redirect= is a different beast. The
actual -01 spec. with PermError => SoftfAIL is utter dubious.
Which is to say, declaring a PermError cannot be seen apart
from what is to follow that result; and, conversely, what is
declared to follow a PermError, inevitably affects what we
wish to call a PermError.
ACK. Your "TILT" in this vote upset me especially because we
agree on almost all premises incl. the one and only correct way
to handle a PermError (5xx).
But NXDOMAIN outside of include: / redirect= is not an error
on the side of the sender domain, and e.g. domain literals are
legal constructs, of course ugly, but sometimes necessary.
I'm far from convinced that all HELO FQDN are suddenly valid,
or that it's the job of v=spf1 to educate the world about 2821.
Bye, Frank