spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[spf-discuss] Re: Revising FAIL

2008-01-08 12:49:47
from [Julian Mehnle] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Julian Mehnle wrote:

Alessandro Vesely wrote:

The current paragraph reads

2.5.4.  Fail

    A "Fail" result is an explicit statement that the client is not
    authorized to use the domain in the given identity.  The checking
    software can choose to mark the mail based on this or to reject
    the mail outright.

I'd rather see

    A "Fail" result is an explicit statement that the client is not
    authorized to use the domain in the given identity.  The checking
    software MUST reject the mail outright.

Marking may allow messages with abused names to hit users. SPF should
avoid exactly that. There are no false positives, since the domain
owner is the direct origin of such "explicit statement". (Yes, there
may be errors in the SPF setup, that's why SOFTFAIL exists. See next
post.)


The problem with mandating receiver policy is that receivers are going
to ignore it at will.  Receivers will always do what they think is best
for them.

The current wording merely suggests possible reactions to the "Fail"
result but does not mandate anything.  I think it's better that way.


Since there seems to be some desire to make the "Fail" definition more 
explicit with regard to messages getting rejected, how about that:

| A "Fail" result is an explicit statement that the client is not
| authorized to use the domain in the given identity.  Domain owners
| should be aware that mail receivers typically reject messages on this
| result.  Alternatively, some receivers decide to mark the mail based on
| this.   

?

This conveys both a heads-up to domain owners as well as a warm fuzzy 
feeling to receivers that others, too, are rejecting on "Fail", without 
actually mandating receiver policy.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHg8YQwL7PKlBZWjsRAk6QAJsEXg36Dpk2pdLr66Or/jOLipbIFQCdFkpw
lIw22WAnmrJYQj4mEvJt2w4=
=oW/P
-----END PGP SIGNATURE-----

-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Archives: http://v2.listbox.com/member/archive/735/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/735/
Modify Your Subscription: 
http://v2.listbox.com/member/?member_id=2183229&id_secret=83259599-098ef9
Powered by Listbox: http://www.listbox.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: Revising FAIL, Daniel Taylor
Next by Date:  Re: [spf-discuss] Re: Revising FAIL, WebMaster
Previous by Thread:  Re: [spf-discuss] Re: Revising FAIL, Alex van den Bogaerdt
Next by Thread:  Re: [spf-discuss] Re: Revising FAIL, WebMaster
Indexes:  [Date] [Thread] [Top] [All Lists]