So, Postfix puts the header in the right place with the policy engine. We'll
need to hear from Stuart of one of the other Milter authors to find out about
Sendmail.
The Milter API allows the Milter to "insert" a header at any position in
the existing header stack. It seems to me we should follow a simple rule -
prepend every new header in exactly the order it is generated. If the SPF
check is done before the body of the message is received, it ought to go
just below the Received: header.
It is my understanding that RFC 2821 requires that all "trace" headers be
kept in strict chronological order, even if other headers are moved around
(for purposes I've never understood). Although one could argue that an
authentication header is not a trace header, it certainly seems that it
should be in that category. It is unrealistic to expect recipients to know
which headers are out of chronological order, or even to know which RFC to
look in.
If the final SPF standard says to do something else, I will follow the
standard.
My 2 cents.
-- Dave
************************************************************ *
* David MacQuigg, PhD email: macquigg at open-mail.org * *
* President, Open-Mail dot org phone: USA 520-721-4583 * * *
* Postmaster, Box67 dot com * * *
* 9320 East Mikelyn Lane * * *
* http://purl.net/macquigg Tucson, Arizona 85710 *
************************************************************ *
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=735