Philip Gladstone wrote:
[How about deprecating localpart macros]
As a user of localpart macros, I would be unhappy about this.
IMO "deprecate" would mean that new SPF applications are free
to honour or ignore SPF policies using this feature. They
could abort SPF checks with result NONE when they see a local-
part macro outside of explanations, for example.
They can of course already do this today as part of a "I don't
like localpart macros" receiver policy. But RFC 4408 does not
say how to implement "unsupported feature". It is certainly no
PERMERROR, "no match and move on" also won't cut it, so I think
it is a special case of NONE.
Why do I use localpart? I have a fail rule that (essentially)
says that invalid users in my domain may not send mail (from
anywhere). This cuts down on invalid mail and allows me to be
laxer about allowing forwarders that don't do SRS.
That sounds as if you have "?exists:%[l}.aux.%[d} -all" to get
NEUTRAL instead of FAIL for existing local parts. Or the other
way around: "-exists:%[l].aux.%{d} ?all" to get FAIL for any
non-existing local part. BTW, that would be very near to SES.
I'd prefer either PASS or FAIL as receiver, in simple policies.
SPF always had it clear that forwarding to 3rd parties without
indicating the responsibility violates the original spirit of
this feature in RFC 821.
Frank
--
Unrelated, I fear this list does something with your mail that
isn't compatible with your signature.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com