spf-discuss
[Top] [All Lists]

[spf-discuss] Exempt status for Received-SPF header

2007-09-23 12:33:55
In a future SPF version, I'd like to see the "Received-SPF:" header
extended to have an extra "exempt" status.

Adding a "Received-SPF: exempt" header would allow an MTA to say, "I
normally check SPF here.  However, I have out-of-band information that
supports the provenance of this particular mail, even though an SPF check
would probably return fail.  Any other Received-SPF: headers in this
message are not from me."

This would allow an MUA to always trust the topmost Received-SPF: in
incoming mail.  Otherwise, in an "exempt" case, the MTA would add no
Received-SPF:, and the MUA would be confused by any spurious Received-SPF:
header already in the message.

One case where "exempt" could be used is when an ISP has one MTA serving
as both smarthost and MX.  Mail from a local user on a dynamic IP to
another local user will probably fail SPF, yet the MTA can be even more
confident in it than in SPF-pass mail from outside.

Another obvious case is any sort of "trusted traditional forwarder"
arrangement.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>

-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com

<Prev in Thread] Current Thread [Next in Thread>