-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stuart D. Gathman wrote:
Ok, based on that, I might be convinced that "A:%{h}" should
not match for "HELO museum"
match (with appropriate IP) for "HELO museum."
Frank Ellermann wrote:
Apparently Scott also supports this approach. His reason was to protect
the DNS root servers and SPF checkers from bogus queries for
"oemcomputer" (no dot).
It's a compromise not directly related to anything I find in the SPF
spec., but in practice it makes sense.
Desirable, but not doable without majorly revolving RFC 4408. As unfor-
tunate as it may be, the concept of <target-name> (i.e. macro string
expansion result) validation is entirely unknown to RFC 4408. We cannot
graft it onto RFC 4408 retroactively, as that would be a major change.
Do we need that as erratum (or wannabe-erratum) wrt the interpretation of
a <target-name> when it only contains a single label ?
What I have in mind is this:
1: MAIL FROM:<user(_at_)test>
2: MAIL FROM:<user(_at_)test(_dot_)>
test. IN SPF "v=spf1 a:%{o}%{d}%{d} -all"
I strongly object to a test-driven approach for amending/fixing RFC 4408.
We should not make the official(!) test suite "more current" than the
spec. If you want to propose an erratum to the spec, please propose it as
a wording change.
Is that testtestest (1) and test.test.test.test. (2), and if yes, is
it "our" problem to be addressed in the spec., and while that's not the
case in an erratum ? Or should we say WTF, getting trailing dots right
is the problem of the sender, and using %{o}%{d}%{d} is anyway a bad
idea ?
The best we can do with RFC 4408 is being "slightly stricter" or "slightly
more lenient". Grafting semantic validation or input value normalization
onto it is out of the question.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGBcM2wL7PKlBZWjsRAkAJAJ9vdTDNhfbjgR1z92GWxeBfJ6FScACgtKoH
TKSVtpzgi6wuIvfZhLfJELA=
=DZuf
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735