On Thursday 08 June 2006 10:16, Stuart D. Gathman wrote:
I disagree. Once you have correctly arrived at the SPF result
specified by the sender (PASS,NEUTRAL,SOFTFAIL,etc), you are SPF compliant.
What you do with the email is your local receiver policy, and is
independent of SPF (and hopefully depends on many factors). The stated
goal of SPF is to eventually evolve to a situation where NONE and NEUTRAL
*are* commonly rejected. This is just not practical at present.
I reject on NEUTRAL for a handful of domains ...
Stuart, while I think you are doing the right thing technically for your
situation, I believe it is incorrect to characterize this approach as
compliant. While almost all receiver policy that was in the earlier specs
has been removed from the final RFC, you are tripping over one of the few
exceptions:
Paragraph 2.5.2 of RFC 4408 says, "A "Neutral" result MUST be treated exactly
like the "None" result; the distinction exists only for informational
purposes."
So, while your approach works (and I agree it's reasonable), it is NOT
consistent with a MUST in RFC 4408.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com