----- Original Message -----
From: "Julian Mehnle" <julian(_at_)mehnle(_dot_)net>
Hector Santos wrote:
Too bad I was out of the loop when this decision was made.
Thats a major difference in SPF implementations and now you see the
effect for large SPF organization/networks wishing to support SPF.
It was also a major security hole in the old SPF specification that needed
to be fixed.
I don't disagree with the need for a fix. I disagree with the low ball SWAG
of 10 limit for lookup mechanisms. It is too low IMO and I would venture a
PERMERROR is premature for many older SPF large organizations records. For
all intent and purpose it places an artificial limit on the total domains
(10) a large site may use.
Again:
Classic SPF(Microsoft) = SoftFail
Current SPF(Microsoft) = PermError
It has nothing to do with a interoperability issue but a "human SWAG"
artificial limit. Again, this is not a recursive issue where there was a
real security hole concern.
I would think, that if I was in the loop when this was being decided, I
would suggested that the end result should be the same. If other words, if
the complete exhausted result is a SOFTFAIL, then the cut off would be a
SOFTFAIL as well.
Anyway, what's written is written. I would love to see what Microsoft has
to say or what they end up correcting it with. Scott, have you contacted
them yet?
--
Hector Santos, Santronics Software, Inc.
http://www.santronics.com
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com