spf-discuss

Re: possibilities for 2822 (was SPF implementations)

2005-08-17 16:11:58


william(at)elan.net wrote:

On Wed, 17 Aug 2005, Seth Goodman wrote:

My first reaction is that the two domains ought to be the same.  The
justification is that Sender: is supposed to be the originator if the
originator is not listed in From:.  That's the originator, not someone
related to the originator.  If mx1.bar.com is the originating domain, then I
believe it belongs in Sender:.  If we allow flexibility here, things could
get complicated.  mx1.bar.com and bar.com don't necessarily share an SPF
record.  If they didn't, we would have to do an additional SPF check, and
that check would be against a 2822 identity.  That, in turn, could create
the need for an additional SPF record or scoping requirements in the
original SPF record.

This is simplest if we can keep the two domains identical. There is no need
for scoping or any additional SPF records.  There is also no IPR
infringement.  We do the SPF check on the MAIL FROM domain, and if it
doesn't fail, we make sure that domain appears in the 2822 headers. Doesn't
sound much like SID to me.


You're reinventing mailfrom/sender "equivalency" I talked about a year ago, see
http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200410/0710.html
and follow comments on that thread.

I've worked further on it privately but have not done a draft because I
believe it would only be good if we actually seriously start working on
SPFng (spf3 I presume) and it has not happened.


http://spfhelp.net/fix-1.php for a similar idea I came up with about the same time as William came up with his. One consolation is that the concept is now probably unpatentable ;-) With refining - it is the obvious way to make SPF *much* more usable.


Slainte,
JohnP
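
The check Seth Goodman describes in the quoted text (SPF on the MAIL FROM domain, then require that same domain in the 2822 headers), sketched as an added example that is not code from any poster in this thread. The function names, the choice of Sender: over From: when both are present, the SPF result passed in as a string, and the sample message are assumptions of this sketch.

```python
from email import message_from_string
from email.utils import getaddresses


def domain_of(addr):
    """Lower-cased domain part of an address ('' if there is none)."""
    return addr.rpartition("@")[2].strip().rstrip(".").lower() if "@" in addr else ""


def originator_domains(msg):
    """Domains of the originator: Sender: if present, otherwise From:.
    (Preferring Sender: is this example's assumption.)"""
    field = "Sender" if msg["Sender"] else "From"
    pairs = getaddresses(msg.get_all(field, []))
    return {domain_of(a) for _, a in pairs if domain_of(a)}


def check_message(mail_from, spf_result, raw_message):
    """Return (verdict, detail) for one message.

    spf_result is the outcome of an ordinary SPF check on the MAIL FROM
    domain, done elsewhere and passed in as a string (assumption).
    """
    if spf_result == "fail":
        return ("reject", "SPF fail on MAIL FROM domain")
    env = domain_of(mail_from)
    found = originator_domains(message_from_string(raw_message))
    # Exact match only: mx1.bar.com and bar.com need not share an SPF
    # record, so treating them as equal would need a second SPF check.
    if env and env in found:
        return ("match", env)
    return ("mismatch", "%s not in %s" % (env or "<>", sorted(found)))


# Constructed sample message (not from the thread).
SAMPLE = (
    "From: Alice <alice@foo.example>\n"
    "Sender: list-owner@bar.example\n"
    "Subject: test\n"
    "\n"
    "body\n"
)

if __name__ == "__main__":
    for sender in ("bounce@bar.example", "bounce@mx1.bar.example"):
        print(sender, check_message(sender, "pass", SAMPLE))
```
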