spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] back to Reclassifying Sender ID and SPF as Historic - was: New SPF Council

2009-01-20 09:25:08
from [Alex van den Bogaerdt] [Permanent Link] 
My 2ct, user hat on:

summary:
Make sure MS understands and agrees that v=spf1 is not equivalent to spf2.0/mfrom,pra. Publish a new RFC, mostly the same as RFC4408, but with its current issues repaired. The preferred resource record type is 'SPF', with resource record type 'TXT' being phased out in some well defined time. 



I think the following needs to be done:
1: Work out the issue MS caused. Reusing 'our' records may be fine (I still think it isn't, layer separation), but doing so in an incompatible manner is most certainly not. I strongly opt for SPF to deal with the message transaction (RFC821) and SenderID with the content/headers (RFC822). That is, if enough people find SenderID worth continuing. I have no insight in the SenderID experiment, if that experiment is considered a failure then there's nothing to solve.
Problem observed in the wild: Messages being flagged as forged, despite that from an SPF perspective everything was okay. One often seen case is a mailing list which sends the message using its own RFC821 mail from, but keeps the RFC822 From as is. No problem for SPF, it is a problem for SenderID, but the domain owner did NOT publish a SenderID record.
Of course MS is welcome to implement SPF, but do so as is written out in the spec.
2: get rid of TXT. It was nice to experiment with, but now that we have our own resource record type, it should be used exclusively. During some amount of time, say a couple of years, the TXT RR could function as a fall back, but it should be clear that this is going to be phased out.
I strongly urge MS to _NOT_ adopt the SPF RR for their own protocols. This to avoid future clashes, no matter how well meant.
3: no new features. The transition to true SPF policies in true SPF resource records is hard enough. 

4: I don't see a reason to get rid of features.





-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Re: [spf-discuss] New SPF Council - was Reclassifying Sender ID and SPF as Historic, alan
Next by Date:  Re: [spf-discuss] Worthiness of SPF by scope: helo, mfrom, and pra, Scott Kitterman
Previous by Thread:  Re: Re: [spf-discuss] New SPF Council - was Reclassifying Sender ID and SPF as Historic, alan
Next by Thread:  Re: [spf-discuss] back to Reclassifying Sender ID and SPF as Historic - was: New SPF Council, Alessandro Vesely
Indexes:  [Date] [Thread] [Top] [All Lists]