spf-discuss
[Top] [All Lists]

[spf-discuss] Re: Domain reputation system design

2007-01-30 04:30:30
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Stuart D. Gathman wrote:
On Mon, 29 Jan 2007, Julian Mehnle wrote:
This is an interesting insight into your personal reputation system. 
Thank you!

However, shouldn't a reputation atom be qualified by more than just
"SPF" or "neutral" ("neutral" _what_?)?  I'd think you'd at least
require <scope/identity-type>, <method-of-authentication>, <result-of-
authentication>, e.g. "HELO", "SPF", "Pass"? 

You missed the previous post.  The qualifiers are currently:

if SPF pass:
  domain:SPF
elif bestguess:
  domain:GUESS
elif HELO SPF PASS or bestguess:
  domain:HELO
elif SPF neutral:
  domain:neutral
elif SPF softfail:
  domain:softfail
elif valid non-dynamic rDNS:
  1.2.3.4:IP
else:
  REJECT the connection

No, I did NOT miss it.

What does "neutral" mean?  Does it imply "SPF"?

SPF means SPF pass.

Ah.

I rather think _you_ missed _my_ point.  You _always_ need at least <scope/ 
identity-type> AND <method-of-authentication> AND <result-of-authentica- 
tion> as a qualification.  In your design, each qualifier name indicates 
only one item _explicitly_ ("foo") and _implies_ ("(bar)") the others:

   qualifier | scope   | auth-method     | auth-result
  -----------+---------+-----------------+-------------
   SPF       | (mfrom) | SPF             | (Pass)
   GUESS     | (mfrom) | SPF-guess       | (Pass)
   HELO      | helo    | (SPF/SPF-guess) | (Pass)
   neutral   | (mfrom) | (SPF)           | Neutral
   softfail  | (mfrom) | (SPF)           | SoftFail
   IP        | ip-addr | (valid rDNS)    | (match)

Not exactly the most obvious naming scheme. :-)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFFvyuPwL7PKlBZWjsRAuu2AKCP/KIlr7CWAzjeOXmp7fuJ5uqBOgCcCJVG
eOn3yB29TE+8I6kd5hTp88E=
=ZBgv
-----END PGP SIGNATURE-----

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735

<Prev in Thread] Current Thread [Next in Thread>