In a future SPF version, I'd like to see the "Received-SPF:" header
extended to have an extra "exempt" status.
Adding a "Received-SPF: exempt" header would allow an MTA to say, "I
normally check SPF here. However, I have out-of-band information that
supports the provenance of this particular mail, even though an SPF check
would probably return fail. Any other Received-SPF: headers in this
message are not from me."
This would allow an MUA to always trust the topmost Received-SPF: in
incoming mail. Otherwise, in an "exempt" case, the MTA would add no
Received-SPF:, and the MUA would be confused by any spurious Received-SPF:
header already in the message.
One case where "exempt" could be used is when an ISP has one MTA serving
as both smarthost and MX. Mail from a local user on a dynamic IP to
another local user will probably fail SPF, yet the MTA can be even more
confident in it than in SPF-pass mail from outside.
Another obvious case is any sort of "trusted traditional forwarder"
arrangement.
---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
-------------------------------------------
-----------------------------------------------------------------------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735
Powered by Listbox: http://www.listbox.com