spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Received-SPF extensions

2007-02-24 09:36:31
from [Scott Kitterman] [Permanent Link] 
On Saturday 24 February 2007 10:59, Stuart D. Gathman wrote:

Currently, pymilter adds up to 3 SPF headers:
2007Feb24 10:49:22 [4149] Received-SPF: none (mail.bmsi.com: 212.76.37.164
is neither permitted nor denied by domain of apachegrips.com)
client_ip=212.76.37.164; envelope_from="Poratoiyg(_at_)apachegrips(_dot_)com";
helo=nat-go2.aster.pl; receiver=mail.bmsi.com; identity=mailfrom
2007Feb24 10:49:22 [4149] X-Hello-SPF: pass
2007Feb24 10:49:22 [4149] X-Guessed-SPF: neutral

The X-Guessed-SPF header exists because such heuristic results should
always be distinguished from the official SPF result.  The X-Hello-SPF
header exists because adding two Received-SPF headers is cumbersome and
redundant (been there, done that).

Now, I'm thinking that X-Hello and X-Guessed should be extended keywords
on the Received-SPF, so that the above would become:

2007Feb24 10:49:22 [4149] Received-SPF: none (mail.bmsi.com: 212.76.37.164
  is neither permitted nor denied by domain of apachegrips.com)
  client_ip=212.76.37.164; 
envelope_from="Poratoiyg(_at_)apachegrips(_dot_)com";
  helo=nat-go2.aster.pl; receiver=mail.bmsi.com; identity=mailfrom;
  x-hello=pass; x-guessed=neutral

Comments?  Anyone already using similar keywords that I should be
consistent with?



From an RFC 4408 SPF perspective you do have two SPF results.  One for Mail 
From and one for HELO, so I would think that two headers would be 

appropriate.  Why are you against them?

The forthcoming SpamAssassin 3.2 has a change that will use Received-SPF if it 
was added by a trusted relay.  I'd suggest looking at what they did and 
producing a result that they will use (that's the only automated consumer of 
Receieved-SPF that I am aware of that's likely to be widely deployed in the 
near term).

http://issues.apache.org/SpamAssassin/show_bug.cgi?id=5239

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [spf-discuss] Received-SPF extensions, Stuart D. Gathman
Next by Date:  Re: [spf-discuss] Received-SPF extensions, Stuart D. Gathman
Previous by Thread:  [spf-discuss] Received-SPF extensions, Stuart D. Gathman
Next by Thread:  Re: [spf-discuss] Received-SPF extensions, Stuart D. Gathman
Indexes:  [Date] [Thread] [Top] [All Lists]