On Monday 04 December 2006 02:14, Seth Goodman wrote:
The proposals that we now need HARDPASS, HARDFAIL or perhaps even
op=auth suggests that we missed something very important. For a
protocol where the sender gives the recipient an unambiguous formula to
evaluate whether the sender's domain name in a return-path emitted by a
given IP is a forgery, result=maybe is of no help to the recipient. In
cases like this, both parties wasted their efforts. It appears that
giving senders the option to publish "?" violates two of Wayne's
sensible criteria, where what is communicated is something the sender
needs to say and the recipient needs to hear. I completely agree with
Wayne's three criteria and would summarize them as, "a communication
protocol should communicate something useful".
Mechanism in a record that start with ? aren't terribly useful. Agreed.
What is useful is the -all at the end which some people would be unable to
publish without the option for ?mechanism.
I more obvious example of this is when your ISP doesn't publish an SPF record
and you have to guess the IP blocks they send mail out of. You don't really
want to authorize random IP addresses, but without guessing, there's no way
to publish an SPF record.
Scott K
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735