-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of Frank
Ellermann
Sent: Friday, May 27, 2005 2:08 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Re: overall HELO FAIL
Julian Mehnle wrote:
Do you really think receivers are too dumb to figure out what
reactions to the individual results of HELO and MAIL FROM
checks are most appropriate _for_them_?
Yes. It's not "dumb", it's just their POV, we just disussed
the implications of an SA-score for NEUTRAL. From Scott's POV
it could mean "I can't use ?, I dare not +, I can't publish".
Adding op=auth to fix it to the main spec. is a dubious idea,
to put it mildly. Modifying the semantics of PASS is verboten.
The point of SPF isn't rejecting mail
IBTD.
From the user's POV he has no control over HELO screw ups by
his mail provider. If he gets a HELO bounce it must be clear
that it wasn't his fault and SPF simply worked as designed.
I don't see the value of defining an "overall result" based
on the individual results of HELO and MAIL FROM checks.
Based on what Carl and Terry said some users might be confused
about this HELO effect. Wayne's release notes won't make it
into the RfC. I hate unnecessary confusion of normal users.
Users tend to upset clueless support desks, it escalates, and
finally a clueless manager decides to remove the SPF policy
instead of simply fixing it and / or the offending HELO FQDN.
Perhaps, once spf.pobox.com is being updated again (that's toned down from
what I first wrote), the Why page could cover this distinction and make it
clear where to go?
Scott K