alan wrote:
At 09:00 08/07/2009 Wednesday, Michael Deutschmann wrote:
V-SPF mostly gives inferior information. In V-SPF, softdeny is pointless,
and V-SPF neutral collapses together G-SPF neutral, softdeny and fail. But
V-SPF's fail maps to something that just doesn't exist in G-SPF.
i think this definition is pointless and misleading
+1, and adding a D-SPF is not going to clarify much.
All spf domains can have -all
{if and only if they control the outgoing mail-flow entirely or know all the originating ip's that users will use}
if they do not they then use ? or ~ all
Vice-versa, an ESP may use -all to force their users to use SUBMIT.
all receivers MUST whitelist non-SRS forwarders that their users are using as
in either scheme {above} the ip of their users external forwarders will not be
passed by either SPF
{SRS forwarders exist just to enable forwarding to not
require whitelisting}
if any receiver dosn't whitelist forwarders and rejects on -all, they will loose legit user mail
{if and only if that user has a non-SRS forwarder}
thus a receiver choosing to not whitelist forwarders cannot use SPF to make any
determination about email, simple
I disagree with this view. The burden is on forwarders to work out how
to do their job. In order of increasing compliance and difficulty,
they can
0) forward naively and be blocked,
1) forward with a blank MAIL FROM,
2) forward with static (or VERPed) senders if they really care,
3) deploy SRS, or
4) get whitelisted at the target host.
The last point implies an agreement, thereby complying also with
privacy laws that require an explicit consent to use someone else's
email address. It is more difficult because the software to automate
it does not exist yet, AFAIK.
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com