On Mon, Mar 31, 2008 at 07:19:01PM +0200, Frank Ellermann wrote:
Alex van den Bogaerdt wrote:
See RFC 760, section 3.2, 1st paragraph.
Ugh, so far only Bruce Lilly and John Klensin got me with
RFCs older than 821. Have you checked that RFC 760 is the
oldest source for the robustness principle in RFCs ?
<g>
No, I haven't.
If someone's record doesn't end in <prefix>"all", should
I assume the intention was "-all", or should I assume
"?all" ?
In that case RFC 4408 doesn't leave it to your imagnation.
If someone's record ends in "+all", should I assume the
intention was to publish "-all", or should I do as I'm
asked to do?
[snip: defaulting to ?all]
[snip: +all may be used wrong, but do so anyway]
Ditto, trying to outsmart others is often a recipe for
disaster.
Then the OP should assume "\"v=spf1 ... was intentional,
and thus not an SPF policy.
How about v=spf1amx-all; should I assume this was
intended to be a valid policy, published as 4 separate
parts, instead of one part with spaces?
(thus: "v=spf1" "a" "mx" "-all" instead of "v=spf1 a mx
-all")
Explicitly mentioned in the specification, all plausible
trouble we could foresee.
Is it? Where?
I have seen such a record in the wild, and the intention was to
publish one string with spaces, not four strings without spaces.
Of course the program doing SPF verification doesn't know this,
it just sees one string without spaces (the four concatenated).
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: http://www.listbox.com/member/archive/735/=now
RSS Feed: http://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com