In <429017F0(_dot_)1EC6(_at_)xyzzy(_dot_)claranet(_dot_)de> Frank Ellermann
<nobody(_at_)xyzzy(_dot_)claranet(_dot_)de> writes:
wayne wrote:
Personally, I don't consider lentczner-00 an "SPF-classic"
spec.
Come on, we all had our ways to deal with the MARID disaster,
some wrote appeals to the IESG, others took a time out, and
MarkL volunteered to create an emergency classic spec. fast,
and that was a necessity at precisely this moment, the old SPF
drafts were expired. We had _nothing_ at this moment when we
needed it most.
It's unfair to blame MarkL and the community for what they did
in this state of emergency.
Ok, I may have a much stronger opinion about this than most others.
After all, when I saw so many incompatible changes from the
mengwong-spf-0[01] drafts in lentczner-00, I went off and wrote up my
own documentation for libspf2. This *didn't* take me long to do.
While I agree that MarkL worked hard and tried to do what he thought
was best, I disagree that what was created was widely accepted as an
"SPF classic" draft. It wasn't *just* me who had problems with it.
I also disagree that we couldn't have had a much more compatible draft
submitted to the IETF within the timeframe that the lentczner draft
was submitted.
It wasn't long after it was submitted to the IETF when the
SPF council was formed
It was _weeks_ after it, [...]
I guess that all depends on what you mean by "long".
Feb 11 draft-mengwong-spf-00 sent to the IETF
May 16 draft-mengwong-spf-01 sent to the IETF
Sep 29 MarkL asks about an SPF classic draft, saying his thoughts
"are now tending to some more radical changes"
Oct 2 MarkL announces development of SPF v1 draft "derived from MARID"
Oct 6 release of draft-lentczner-spf-00pre1.txt
Oct 13 draft-lentczner-spf-00 sent to IETF
Oct 15 first release of draft-schlitt-spf-00pre1
Oct 16 release of draft-schlitt-spf-00pre2
Nov 3 release of draft-schlitt-spf-00pre4
Nov 15 release of draft-schlitt-spf-00
late Nov: SPF council formed
Dec 4 HELO checking to be restored
Dec 22 draft-schlitt-* drafts are official
http://spf.mehnle.net/Council_Resolution/17
So, the mengwong-spf-0[01] drafts were the official drafts for 5-8
months and the status wasn't controversial. lentczner-00 was official
for at most two months, during which it was controversial.
schlitt-spf-* was official for another 5 months, but a major goal of
these drafts has been compatibility with mengwong-spf-*.
And for all this time the one and only "official" SPF I-D was
lentczner -00. The SID folks published their -00 11-11, and
schlitt -00 (not your prereleases here) came January the third.
As outlined above, I strongly disagree that the only "offical" SPF
spec was lentczner-00. Yes, it may have been the only I-D on the IETF
website, but the SPF community has always been somewhat seperate from
the IETF.
I am getting really nervous about some of the stuff with
NXDOMAIN and PermError.
It's quite simple, if the SPF sender policy is FUBAR, and that
includes NONE for an include: or the forgotten redirect=, then
it ought to be fixed a.s.a.p. Like a bogus MX. The only way
to get this desired result a.s.a.p. is a "reject". What else
should the receiver do, send abuse mails manually ? Petition
RFCI to create a new *.spf.rfc-ignorant.org zone ?
Sending email to the postmaster of the domain will be far more
effective in fixing the problem than rejecting the users' email and
have the users complain far and wide. Similar techniques are outlined
in the SoftFail results.
But, again, this might have been a better thing to do, but this wasn't
what was done in the draft-mengwong-* drafts, and therefore I don't
think we should change it now.
PermError MUST be treated as None
No, it should be treated like Fail. Just as it always was, bye
PermError was *not* always treated like Fail. That's the point.
-wayne