----- Original Message -----
From: "Alex van den Bogaerdt" <alex(_at_)ergens(_dot_)op(_dot_)het(_dot_)net>
I was not referring to your record, but now in general.
A slightly simplified approach:
Just process the record left to right.
Why would I use APL logic (right to left) when the protocol says otherwise? <g>
Whats the point then?
You cannot be sure mail from those machines is really
sent by Scott but you can be sure other mail is not
sent by Scott. Do not mistake "?" for anything negative.
I know what ? means Alex.
I don't think you followed my logic here.
I have no interest in "you" (speaking in general) telling me that "you might or
not" be a "good guy" because to me, that means you are not trust worthy at any
level. It puts the burden on the receiver to do more work anyway using other
techniques.
In other words:
PASS - ACCEPT
FAIL - REJECT
OTHER - MORE WORK
So the system is optimized by fitting into this paradigm. Anything else is a
waste and this is especially the case when a "GOOD" person doing the sending is
telling me don't trust him.
I guess what I am saying is that "owners" of SPF DOMAINS should be the last
people sending from "neutral" machines. That should be for other people. Not
owners of domains.
Anyway, I found the bug in my 2 year old parser. It basically reflected the
above:
Get/Set PREFIX (default PASS)
NO MATCH - continue
When the NEUTRAL prefix was set, the A record match worked, but it returned a
NEUTRAL and in my parser, a NEUTRAL continues to the next directive. The MATCH
should of short circuited the parser regarding of the prefix - hence the bug.
I guess, I didn't expect people to be MATCHING on a NEUTRAL by telling world:
"Hey, its me. You got me! I am sending from the
machine I called from. Just to don't trust me."
Reading Scott's last message, it makes more sense why he has it this way. A
SOFTPASS is basically what it wants to expose. The problem is that with SPF,
in my opinion, is already too weak when there is no strong PASS/FAIL policy.
Anything in between is just fuzzy and most systems are going to do more work
anyway. The benefits of SPF is lost. However, I guess I can see the
Received-SPF feeding a statistics filter.
Anyway, that's my opinion on "hard" NEUTRALs.
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com