-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Frank
Ellermann
Sent: Saturday, May 21, 2005 12:23 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] PermError in spf-01
wayne wrote:
BTW, I don't think anyone is rejecting on PermError now.
Mark said it several times in the IRC log. Apparently
Sendmail Inc. does it for an invalid include, see spf-help:
<http://mid.gmane.org/42782562(_dot_)5596(_at_)xyzzy(_dot_)claranet(_dot_)de>
<http://mid.gmane.org/42783CF1(_dot_)70AD(_at_)xyzzy(_dot_)claranet(_dot_)de>
<http://mid.gmane.org/20050504123122(_dot_)F1B4(_dot_)STEVE(_at_)teamITS(_dot_)com>
It's also documented in draft-newton-maawg-sp-cosiderations-00:
| Under SPF Classic (Section 2.1.2), if an "include" mechansim
| references a non-existent SPF record, SPF processing against
| all email for the domain making the reference would result in
| a PermError state and consequent permanent SMTP rejection of
| the email.
I've yet to see a reject because of this
See above.
I think I wrote that line. In context, I was talking about complaints on
spf-help or submissions to spf.pobox.com. You are right, the Sendmail, Inc.
implementation does this, but it's, AFAICT, a MARID implementation including
PRA and not an SPF Classic impelementation.
I stick by my statement that __I__ haven't seen any complaints about reject
on PermError.
The "SHOULD reject on PermError" is a creation from the MARID
process.
Of course. 4xx would only delay the error handling.
Given that all specs say PermError MUST be treated as None
That's not the case, the last SPF spec. published today says
(incorrectly) "like SOFTFAIL" = 4xx, and the previous spec.s
back to schlitt-00 / lentczner-00 had a "SHOULD reject" (5xx).
strong evidence that existing implementations don't treat
PermError as None.
See above. It was also discussed in spf-devel with two persons
trying to implement SPF (no idea what the result is), and in
other threads about SPF (e.g. in de.admin.net-abuse.mail). Bye
If the result of an SPF check is anything other than None or a successful
check (i.e. Pass, Fail, Neutral, Softfail) then I think the only thing we
can say is Don't Know = Unknown.
I agree that we shouldn't try to mandate receiver policy, but we should
provide some guidance. If we take it that the Sender Policy is Unknown, I
don't see how the guidance can be anything other than proceed as if there
was no Sender Policy.
Scott K