Re: overall HELO FAIL

wayne wrote:

 [most of your points answered in replies to Julian here]

Forcing them to have to follow an algorithm would be
unworkable.


"Forcing" isn't the issue, I'm perfectly happy with avoiding
all dubious MUST and SHOULD.

After hard fights Wayne managed to add PermError for a
reliable error handling.

PermError has always been a part of the SPF spec, although in
draft-mengwong-spf-* it is called "unknown".  I'm not sure
what you think I added.


You added the concept of the "validating implementation", i.e.
report errors within a policy as a PermError, with the intent
of a 5xx where appropriate,

Given numerous cases of a:1.2.3.4 or mx=an.example that was so
convincing and so obviously the best possible solution for all
parties, senders and receivers, that going back to a "do what
you like" is no option.

As per the last council meeting, that language will change.


The last Council meeting ignored a corresponding "For Council
review - FAIL PermError vs. NONE NXDOMAIN".  Plus rationale
in a separate article.

Not using RfC 2828 for the "authorize" question strikes me as
odd, after William agreed that it's a good idea.

In its meeting before the last meeting the Council asked for a
clarification of the "source routes" issue.  And I did this in
<http://mid.gmane.org/428D9BC6(_dot_)783(_at_)xyzzy(_dot_)claranet(_dot_)de> 
with an
extra pointer in "pointers for the SPF Council / Wayne"
<http://mid.gmane.org/42904B3F(_dot_)70EC(_at_)xyzzy(_dot_)claranet(_dot_)de>

21:41 <grumpy> I don't think it has been discussed.

Mark said it's clear now in reply to the clarification.  It was
discussed.  The Council ignored it.  Rejecting something if it
is just a bad idea is one thing, but ignorance is dangerous.

How about an official mailto-address for appeals.  In that case
I'd send an appeal to the SPF Coucil because you misrepresented
this issue, it was clarified _and_ discussed.

Again, we are constrained by what mengwong-spf-* and current
implementations do.


Is that why you added new stuff like the scope= ?  There are
political reasons why not mentioning "mfrom" or "scope" in the
v=spf1 spec. is a plan, there are also technical reasons why
just noting the tested identity is good enough (even for PRA).

                       Bye, Frank

<Prev in Thread]	Current Thread	[Next in Thread>
Re: overall HELO FAIL, (continued) Re: overall HELO FAIL, Terry Fielder Re: overall HELO FAIL, Frank Ellermann Re: overall HELO FAIL, wayne Re: overall HELO FAIL, Frank Ellermann Re: overall HELO FAIL, Julian Mehnle Re: overall HELO FAIL, Stuart D. Gathman Re: overall HELO FAIL, Alex van den Bogaerdt Re: overall HELO FAIL, william(at)elan.net Re: overall HELO FAIL, Frank Ellermann Re: Re: overall HELO FAIL, wayne Re: overall HELO FAIL, Frank Ellermann <= Re: overall HELO FAIL, Julian Mehnle Re: overall HELO FAIL, Hector Santos Re: overall HELO FAIL, Dennis Willson Re: overall HELO FAIL, Ralf Doeblitz Re: overall HELO FAIL, Frank Ellermann Re: Re: overall HELO FAIL, Julian Mehnle reviews (was: overall HELO FAIL), Frank Ellermann Re: reviews (was: overall HELO FAIL), wayne Re: reviews, Frank Ellermann Re: Re: overall HELO FAIL, Julian Mehnle