Alex van den Bogaerdt wrote:
See RFC 760, section 3.2, 1st paragraph.
Ugh, so far only Bruce Lilly and John Klensin got me with
RFCs older than 821. Have you checked that RFC 760 is the
oldest source for the robustness principle in RFCs ?
If someone's record doesn't end in <prefix>"all", should
I assume the intention was "-all", or should I assume
"?all" ?
In that case RFC 4408 doesn't leave it to your imagnation.
If someone's record ends in "+all", should I assume the
intention was to publish "-all", or should I do as I'm
asked to do?
Ditto, trying to outsmart others is often a recipe for
disaster. Of course there are unspecified special cases
in any non-trivial protocol, and say a gateway operator
not willing to outsmart others could be a public danger.
How about v=spf1amx-all; should I assume this was
intended to be a valid policy, published as 4 separate
parts, instead of one part with spaces?
(thus: "v=spf1" "a" "mx" "-all" instead of "v=spf1 a mx
-all")
Explicitly mentioned in the specification, all plausible
trouble we could foresee. One of the points in RFC 4408
we can be proud of, IMO. With a few remaining problems
addressed in the test suite, including a very small set
of issues now noted as errata.
In my opinion the best way to help people publishing
such records is to reject mail. They will soon find out,
and learn their mistakes.
+1 In a way SPF is a meta protocol, it talks about legit
or forged mail. By design SPF must be dangerous. That's
not the point where "be liberal" is a good idea. Legal
enforcement being liberal in whom they shoot would be bad.
Frank
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: http://www.listbox.com/member/archive/735/=now
RSS Feed: http://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com