Based on frequent permerrors, I've determined that people expect
the base domain of relative names to be the domain of the SPF
record, For instance, if they publish
example.com IN SPF "v=spf1 a:mail -all"
what they meant was:
example.com IN SPF "v=spf1 a:mail.example.com -all"
We might consider that for SPF2.1 - except it is of limited usefullness
since it is only unambiguous when there is no dot at all.
This is common enough, that I will put in a lax mode heuristic.
Remember, nit pickers, "lax" mode does *not* change the SPF result.
It only changes what my mail system does with the email. If applying
the various heuristics (like appending record domain to non FQDN) can
produce a "pass", the Received-SPF result is still permerror, but the mail
is delivered instead of rejected. In addition, a helpful/annoying DSN is
sent to inform the sender of the permerror.
--
Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
Business Management Systems Inc. Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com