spf-discuss

Re: What to do about redirect= and NXDOMAIN?

2005-05-21 14:54:41
Scott Kitterman wrote:

 [about broken policies like bad redirect= etc., I hope]
I think this whole discussion highlights the massive
incompatibility inserted during MARID that said Error
~= Fail or worse.

Wayne stripped these parts back to pre-MARID and then
inserted what we all agreed on, first proposed by him
before MARID, the "validating implementation" concept.

All of the errors really mean that check_host is unable
to determine the domain owner's policy.

No.  The PERMERRORs as they were in the -00 draft really
mean "abuse = broken policies are bad, die spammer, die".

It is net abuse to publish a broken sender policy.  It wastes
resources on the side of the receiver.  It should be rejected.
SPF is not for kids or idiots.  SPF is a weapon.

The spammers play hardball, they will find broken policies and
abuse them for their purposes if we don't say "stop" in -02,
as it was in -00.  The -01 was a quick shot caused by [guess].

Unknown ~= None.

Sorry, but that is complete madness, like Meng's idea to get
rid of Fail / Softfail, and say "moo".

putting in language similar to that used for Softfail about
letting the sender know about that problem would be a good
idea.

That's a bad idea.  4xx is a Temperror, it means "try again
later" without human intervention.  The MTA tries it for four
days, then it bounces.  Again resources wasted, on both sides,
and 4xx extends the pain to its maximal duration.

Broken policies are net abuse.  Anything below 5xx makes no
sense.  So it should be similar to Fail.  Otherwise the enemy
would try to (ab)use it.
                        Bye, Frank