spf-discuss
[Top] [All Lists]

[spf-discuss] Re: SPF-EAI (was: Re: 99.95% of all SPF records use no macros)

2008-07-26 16:51:05
Alessandro Vesely wrote:
 
the alphabet we use doesn't allow a third case beyond %{l}
and %{L}. Does that call for additional macro transformers?

I think %{L} is good enough for the purpose of URIs in an
explanation.  But now that you mentioned it, the I-D needs
a reference to RFC 3987 for this purpose.  Percent-encoded
UTF-8, no rocket science.

Unless folks try to put %{L} into a host name for an http-
URL in an explanation.  But that never worked as expected
depending on the local part, that is no new SPF-EAI issue.

When spf-eai says "The local part MUST NOT be transformed"
it implies that %{l} cannot be used for DNS lookups if
internationalized local parts are present. 

No, it implies "use the local part octets as is", because
that's also what happens outside of EAI in SPF.  

For x+y(_at_)example and %{l}.test you get x+y.test.  That is
no LDH host name as used in many protocols, but it is a
valid DNS name (FQDN).

For ÄÖÜ(_at_)example you get ÄÖÜ.test using the UTF-8 octets.

You don't get the IDNAbis punycode xn--whatever.test for
ÄÖÜ.  EAI local parts are not limited to what's allowed
in IDNAbis, e.g., Ä+Ü is a valid EAI local part, but not
a valid IDNAbis U-label.

I can log a query, but I won't know if it passed or failed.

Add the sending IP to your SPF exists: logging magic, then
you'd know what the result should be.  With exist you can
dictate the result:

 -exists:***.fail.your.domain.example 
 +exists:***.pass.your.domain.example

If *** gives you all info offered by macros, e.g. a unique
BATV local part, sending IP, etc., you can answer "make it
so" either for the fail- or the pass-exists.  We are about
to reinvent SES here... :-) 

 That has the decent charme of tracking cookies and "Web
bugs"... :-(
 
Huh... what was that?

Logging.  A receiver wastes his resources to do stuff for
the sender unrelated to what the receiver really wants -
same idea as Web bugs (transparent 1*1 images) or third
party tracking cookies.

 Frank



-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com