-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Wayne Schlitt wrote:
There have been several ways to [represent scopes]:
I have been thinking on this for quite a while now but have kept silent
because it didn't seem to be the right time to re-open the issue, but now
that you mentioned it...
1) add scoping to the include: and redirect= mechanisms. Something
like this:
TXT "spf2.0/mfrom include:mydomain.esp.com redirect=%{d}/pra"
TXT "spf2.0/pra ip4:1.2.3.0/24 ip4:2.3.4.0/24 -all"
That is, on the include: and redirect= mechanisms, you can add a
"/" followed by a list of scopes that you want to use instead of
the current scope.
[...]
2) use a per-mechanism positional modifier, as defined in the SenderID
draft. Something like this:
TXT ( "spf2.0/mfrom,pra include:mydomain.esp.com scope=mfrom "
" ip4:1.2.3.0/24 ip4:2.3.4.0/24 -all" )
This "scope=" modifier can tell the SenderID implementation that
the include: mechanism is only supposed to be used for the mfrom
scope.
Note that positional modifiers, as defined in the SenderID draft
apply to only the preceeding mechanism, which is not what many
people expect. [...]
3) Use a non-positional modifier to change the scope. Something like
this:
TXT ( "spf2.0/mfrom,pra ip4:1.2.3.0/24 ip4:2.3.4.0/24 "
"scope=mfrom include:mydomain.esp.com scope=mfrom,pra -all" )
This "scope=" modifier lets you change the scope being applied to
all following mechanisms. It is like setting a variable.
...this 3rd form is //definitely// the way to go should a new version of
SPF come into range of sight. Perhaps the modifier name should be
abbreviated to "s=" or something, though.
Note that not everyone expects modifiers to act like variables, but
instead think of them like they are defined in the SenderID draft.
If there is only one difference between the records, then you end
up with longer records than if you used SenderID-type modifiers.
I never really cared about how positional modifiers worked in Sender-ID,
but I always thought that this was the way they worked. Seems the S-ID
guys weren't _that_ intelligent...
Another alternative for the above would be:
TXT ( "spf2.0/mfrom,pra ip4:1.2.3.0/24 ip4:2.3.4.0/24 "
"scope=-pra include:mydomain.esp.com scope=+pra -all" )
This lets you add and delete scope values, instead of just setting
them.
This is an interesting variant I hadn't thought of before. But I think
saving very few characters (at best) is not worth the loss of explicit-
ness.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFDxuw7wL7PKlBZWjsRAs4IAJsHFKcNSDmTbos3e0Zv2fF3LsdgcACg8woA
AQ+shHzOeeT5M1HKvN+mBe0=
=pbeG
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com