-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Frank Ellermann wrote:
I'm far from convinced that [...] it's the job of v=spf1 to educate the
world about 2821.
That's NOT the point of my suggestion (SPF(non-existent-domain) ==
PermError). As I see it, "PermError" doesn't just mean "the used SPF
record is broken", but "some error occurred that will not resolve itself
under unchanged circumstances". Thus, the point of my suggestion is that
SPF should refuse to operate on nonsensical input data and instead throw
an error signaling exactly that.
I don't even want to suggest that receivers should apply SPF to domains in
order to be able to reject (or do whatever else) messages claiming to come
from non-existent domains. Instead, I'd like the spec to explicitly
advise receivers to perform a sanity check on the sender domain before
applying SPF to it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD4DBQFCj1lowL7PKlBZWjsRAssOAJdyj8DBntpDhwUXRqVe+4VEnj+iAKCVgG9h
kwuf6632KIHKcS+ET80omg==
=sGrq
-----END PGP SIGNATURE-----