spf-discuss
[Top] [All Lists]

Re: [spf-discuss] SPFv3 proposal: rawfail result

2011-02-04 03:43:13
On 04/Feb/11 03:28, Michael Deutschmann wrote:
On Thu, 3 Feb 2011, Stuart D. Gathman wrote:
No matter what you do, there will be receivers that don't actually
read the standard.

The standard says

   A "Fail" result is an explicit statement that the client is not
   authorized to use the domain in the given identity.  The checking
   software can choose to mark the mail based on this or to reject the
   mail outright.

But it would improve things, as even in this very forum there is not
universal agreement that SPFv1 "-all" is not a raw fail.

The root problem is that the original designers of SPFv1 arrogantly
assumed that SRS deployment would quickly outpace receiverside SPFv1
deployment, hence there would be no need to make the distinction.

IME, services that mailout from web pages and forwarders have learned
to set an empty mailfrom in case nobody is interested in knowing about
possible failures, or an SPF-compatible address otherwise.

No one should avoid publishing "-all" because there are clueless receivers.

How about clueless forwarders?

But they do.  That annoys me, but we cannot force them to stop lying
(saying "?all" when the truth is "-all").

"Truth"?  Do you mean whether it is true that a domain wants clueless
senders to get blocked rather than marked?

IMHO there is enough confusion already with neutral and softfail.  If
we want to provide for more, and still not block, why don't we just
allow to set the "mark" value numerically, specifying the score that
should be added or subtracted?  E.g.

   "v=spf3 +(5)62.94.243.226 -(10)all" ; unluckily signs are reversed

I do see potential usefulness in requesting that forwarded messages get
rejected.  It could help ensure a direct transfer between sender and 
receiver,

"/all" is insufficent for that purpose, as it will not block SRS
forwarders, or pull-based arrangements.


-------------------------------------------
Sender Policy Framework: http://www.openspf.org [http://www.openspf.org]
Modify Your Subscription: http://www.listbox.com/member/ 
[http://www.listbox.com/member/]

Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/2183229-668e5d0d
Modify Your Subscription: 
https://www.listbox.com/member/?member_id=2183229&id_secret=2183229-a7234b15
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=2183229&id_secret=2183229-98aa0fe6&post_id=20110204044140:16272EB2-3043-11E0-BADC-F6855A06CF21
Powered by Listbox: http://www.listbox.com