John Kelly wrote:
Listbox has done nothing wrong. Frank has done nothing wrong.
More important, there's almost nothing "I" (= in fact my ISP)
could do better for your problem. Your check was against a
sending IP of listbox.
My ISP can't publish a PRA policy with listbox's IPs, I'm only
one of their users. If all users would add the IPs of their
various mailing lists to a hypothetical PRA policy it can't
work. Or it would end as "spf2.0/pra ?all" with an explicit
PRA NEUTRAL. That wouldn't help you, you want a PASS or FAIL.
Pragmatism is needed, and it seems to me that any pragmatic
list manager who cares about getting the mail thru can do
some extra work, change his configuration, and start adding
the headers necessary to make his list SID compliant, even
though the RFC does not say he MUST do it.
Why should _all_ lists of the world, _all_ forwarders of the
worls, _all_ news servers (for moderated groups) of the world,
and _all_ news moderators (for moderated X-Posts) change their
ways only to accomodate a not yet published experimental SID
RFC with the longest IESG note I've ever seen currently under
IAB appeal (apparently the 8th in the history of the IAB) ?
That's madness. SPF only asks all forwarders to please change
their ways (in essence back to what they did before RfC 1123),
and if they're not interested it's okay: SPF FAIL publishers
know that it won't happen immediately, and they can deal with
a few good bounces.
SPF is the least painful change. PRA is asking far too much
at this time. Especially if it tries to _force_ people into
this dubious scheme instead of SPF's quiet voluntary adoption.
Probably my ISP would pull its SPF sender policy before adding
weird "spf2.0/pra ?all" records, if only one user reports that
"SPF rejects my mail, get rid of it".
Where it's in fact PRA abusing v=spf1 rejecting the mail, but
how would ordinary users know this, even you were not sure.
BTW, please share your experience with IAB and IESG, they don't
know these details. They don't understand them. That's the
main trouble here, nobody but "us" cares, only SPF enemies like
Doug Otis are of course delighted.
JFTR, "my" FAIL policy was published before SenderID existed.
You call it opt-out like it's some kind of spam scheme.
Yes, it's a scheme with no serious technical merits of its own,
see a short summary <http://en.wikipedia.org/wiki/Sender%20ID>
I think validating headers is a good idea.
If you like it use it. But don't use it with sender policies
designed for a rather different purpose by folks not interested
in PRA, what you'd get would be necessarily wrong in certain
cases. Far too many cases to fix them on the fly. Bye, Frank
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com