Re: SPF I-D for review: draft-schlitt-spf-classic-01.txt
Frank Ellermann <nobody@xyzzy.claranet.de> Mon, 23 May 2005 20:33 UTC
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j4NKXkJU037101; Mon, 23 May 2005 13:33:46 -0700 (PDT) (envelope-from owner-ietf-smtp@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j4NKXkf4037100; Mon, 23 May 2005 13:33:46 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-smtp@mail.imc.org using -f
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j4NKXi2I037085 for <ietf-smtp@imc.org>; Mon, 23 May 2005 13:33:44 -0700 (PDT) (envelope-from gis-ietf-smtp-979@gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43) id 1DaJZP-0005w3-MB for ietf-smtp@imc.org; Mon, 23 May 2005 22:30:39 +0200
Received: from 212.82.251.40 ([212.82.251.40]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-smtp@imc.org>; Mon, 23 May 2005 22:30:39 +0200
Received: from nobody by 212.82.251.40 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for <ietf-smtp@imc.org>; Mon, 23 May 2005 22:30:39 +0200
X-Injected-Via-Gmane: http://gmane.org/
To: ietf-smtp@imc.org
From: Frank Ellermann <nobody@xyzzy.claranet.de>
Subject: Re: SPF I-D for review: draft-schlitt-spf-classic-01.txt
Date: Mon, 23 May 2005 22:20:14 +0200
Organization: <URL:http://purl.net/xyzzy>
Lines: 97
Message-ID: <42923AFE.79B4@xyzzy.claranet.de>
References: <x4r7g17iye.fsf@footbone.schlitt.net> <200505221721.29489.blilly@erols.com> <429192FA.58CC@xyzzy.claranet.de> <20050523134752.GF89934@verdi>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@sea.gmane.org
X-Gmane-NNTP-Posting-Host: 212.82.251.40
X-Mailer: Mozilla 3.0 (OS/2; U)
Sender: owner-ietf-smtp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smtp/mail-archive/>
List-ID: <ietf-smtp.imc.org>
List-Unsubscribe: <mailto:ietf-smtp-request@imc.org?body=unsubscribe>
John Leslie wrote: > The IESG intent at the closing of MARID was that the various > drafts be submitted by individuals for "Experimental" status. I've never found out what the intent was of not discussing CSV at all, and something like v=spf1 (spf2.0/mfrom) for only three days. After some time of being stunned I decided that it was an experiment to prove that RfC 3710 (4.3) is incompatible with RfC 2418 (4). <shrug /> The damage is done, let's forget it and move on. I also think that e.g. MTAMARK is an excellent idea. Couple this with say SIQ, add draft-hutzler-spamops, 2476bis, okay, I'm dreaming :-) > Misdirected bounces are a significant problem: Indeed... :-( And I have serious doubts about reporting them as spam if the receiver didn't have a fair chance to reject this crap (instead of bouncing). If that somehow "encourages" admins to delete mail, SMTP is in trouble. That would be NOW. > I have the impression that SPF intends to do more than this. Sure, PASS + RHSBLs (black or white) make sense. With a PASS RfC 3834 works as expected (defining "oops, now I'm blocked" as unexpected outcome). Even C/R systems might start to work, or let's say they are less dubious based on a PASS. [zone cut] > I would recommend clarifying whether any such intent remains. No. I never understood what's so fatally wrong with q=ns, see draft-newton-maawg-spf-considerations-00 (6.2) for a part of the explanation. The CSV trick (up to 6 queries removing the labels left to right protecting the root servers) was a bit too complex to be retrofitted into v=spf1 - we have no bit for an include_subdomains=yes (old idea in an early SPF draft). For some time I proposed to allow both ways (q=ns and left to right, the latter with an op=nosub), but it was easier to just drop the "zone cut" concept, because nobody had implemented it. It was also an IESG [Discuss] => get rid of it before it bites. > "... -all" should mean the sender _wants_ forwarding to break That's not exactly true. Forwarding in the sense of MUA to MSA or smart host to mail out does of course not break (unless somebody screws up), because SPF isn't checked there. Forwarding in the sense of MX to scanner to MDA (or similar, add UUCP if needed ;-) also doesn't break for the same reason. As long as SPF is checked exactly once at the imaginary border defined by the MX of the receiver nothing breaks. This also includes aliases behind the same border, and the 1123 5.3.6 (b) style of mailing lists. Obviously a backup MX forwarding to the primary MX needs to be white listed, "check exactly once at your border" is a simple rule. Otherwise it's a case of forwarding to a third party. With a 5.3.6 (b) scheme, SRS, etc. it still works, the only case that "breaks" is 5.3.6 (a) if the next hop checks SPF. And that's behind the border of the original RCPT TO. BTW, so far I've seen this once in a year. It worked like a delayed 551 "user not local" (the next hop rejected the mail, and the 1123 5.3.6 (a) forwarder bounced it to me). Comparing one good bounce with the 150,000 misdirected bounces I'd say it's a deal - and I simply sent the mail again to the forwarded-to address, this bounce was really "551-like". Saying that the _sender wants forwarding to break_ is therefore not correct. Maybe the _receiver wanted forwarding to break_ : after all he should know that he checks SPF at host B and uses a 5.3.6 (a) forwarder host A _before_ B, that cannot work. The sender cannot know this, but the receiver should know it. > Experience so far has proven that "... -all" is very > problematic That's not my "551-like" experience. > My overall impression is that SPF probably strikes the wrong > balance between ease of publishing vs. ease of checking It's certainly not as simple as I'd like it to be, but when I found SPF (the AOL experiment last year) it was almost ready, and I needed "something like RMX yesterday". SPF was the only game in town at this moment, and that's still the case. Bye, Frank
- Re: "Header Reordering", yet again Robert A. Rosenberg
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: "Header Reordering", yet again Hector Santos
- Re: "Header Reordering", yet again Hector Santos
- Is it really FUD? [Re: "Header Reordering", yet a… Hector Santos
- Re: "Header Reordering", yet again Hector Santos
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again Hector Santos
- Re: "Header Reordering", yet again Hector Santos
- Re: "Header Reordering", yet again Robert A. Rosenberg
- Re: "Header Reordering", yet again Frank Ellermann
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again william(at)elan.net
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: "Header Reordering", yet again Frank Ellermann
- Re: "Header Reordering", yet again Arnt Gulbrandsen
- Re: "Header Reordering", yet again Paul Smith
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: "Header Reordering", yet again Hector Santos
- Re: "Header Reordering", yet again Paul Smith
- Re: MTAMARK Frank Ellermann
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Valdis.Kletnieks
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Robert A. Rosenberg
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Robert A. Rosenberg
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Bruce Lilly
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Markus Stumpf
- Re: Chain of Trusted Forwarders David MacQuigg
- Re: Chain of Trusted Forwarders David MacQuigg
- Re: Chain of Trusted Forwarders Robert A. Rosenberg
- Re: Chain of Trusted Forwarders John Leslie
- Re: Chain of Trusted Forwarders Valdis.Kletnieks
- Re: Chain of Trusted Forwarders Valdis.Kletnieks
- Re: Chain of Trusted Forwarders Valdis.Kletnieks
- Re: "Header Reordering", yet again Frank Ellermann
- Re: "Header Reordering", yet again Frank Ellermann
- Re: Chain of Trusted Forwarders David MacQuigg
- Re: Chain of Trusted Forwarders David MacQuigg
- Re: "Header Reordering", yet again Bruce Lilly
- Re: Chain of Trusted Forwarders Valdis.Kletnieks
- Re: "CSV" [not comma-separated values] Dave Crocker
- Re: "Header Reordering", yet again John Leslie
- Chain of Trusted Forwarders David MacQuigg
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: SPF I-D for review: draft-schlitt-spf-classic… Dave Crocker
- Re: SPF I-D for review: draft-schlitt-spf-classic… Dave Crocker
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Certified Server Validation (was: "CSV" [not comm… Frank Ellermann
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again David MacQuigg
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again Valdis.Kletnieks
- Re: "Header Reordering", yet again Paul Smith
- Re: "Header Reordering", yet again Lyndon Nerenberg
- Re: "CSV" [not comma-separated values] Valdis.Kletnieks
- Re: "Header Reordering", yet again Paul Smith
- Re: "CSV" [not comma-separated values] wayne
- Re: "CSV" [not comma-separated values] Bruce Lilly
- Re: "CSV" [not comma-separated values] ned+ietf-smtp
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again Arnt Gulbrandsen
- Re: "CSV" [not comma-separated values] Valdis.Kletnieks
- Re: "Header Reordering", yet again Bruce Lilly
- Re: "Header Reordering", yet again ned+ietf-smtp
- Re: "Header Reordering", yet again David MacQuigg
- Re: "CSV" [not comma-separated values] ned+ietf-smtp
- Re: "CSV" [not comma-separated values] Tony Finch
- Re: "CSV" [not comma-separated values] Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: "Envelope", yet again Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: "CSV" [not comma-separated values] Tony Finch
- Re: SPF I-D for review: draft-schlitt-spf-classic… Robert A. Rosenberg
- Re: "Envelope", yet again John C Klensin
- Re: SPF I-D for review: draft-schlitt-spf-classic… Hector Santos
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- "CSV" [not comma-separated values] Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Robert A. Rosenberg
- Re: SPF I-D for review: draft-schlitt-spf-classic… Robert A. Rosenberg
- LMAP systems wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: MTAMARK etc. Frank Ellermann
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Tony Finch
- Re: SPF I-D for review: draft-schlitt-spf-classic… Paul Smith
- Re: SPF I-D for review: draft-schlitt-spf-classic… Arnt Gulbrandsen
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Tony Finch
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: MTAMARK etc. Bruce Lilly
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Tony Finch
- Re: proposed Received-SPF trace header wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Robert A. Rosenberg
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Bruce Lilly
- Re: MTAMARK (was: SPF I-D for review: draft-schli… Markus Stumpf
- Re: SPF I-D for review: draft-schlitt-spf-classic… Valdis.Kletnieks
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: misdirected bounces Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… Valdis.Kletnieks
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: misdirected bounces (was: SPF I-D for review:… ned+ietf-smtp
- Re: misdirected bounces (was: SPF I-D for review:… Bruce Lilly
- Re: "Envelope", yet again Bruce Lilly
- Re: "Envelope", yet again Bruce Lilly
- Re: misdirected bounces (was: SPF I-D for review:… John Leslie
- Re: SPF I-D for review: draft-schlitt-spf-classic… John Leslie
- Re: "Envelope", yet again John Leslie
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: misdirected bounces (was: SPF I-D for review:… Markus Stumpf
- Re: "Envelope", yet again Tony Finch
- Re: SPF I-D for review: draft-schlitt-spf-classic… Markus Stumpf
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… Valdis.Kletnieks
- Re: "Envelope", yet again John Leslie
- Re: SPF I-D for review: draft-schlitt-spf-classic… Hector Santos
- "Envelope", yet again Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Markus Stumpf
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: proposed Received-SPF trace header Valdis.Kletnieks
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- proposed Received-SPF trace header John Leslie
- Re: SPF I-D for review: draft-schlitt-spf-classic… John Leslie
- Re: SPF I-D for review: draft-schlitt-spf-classic… Frank Ellermann
- Intended status (was: SPF I-D for review: draft-s… Frank Ellermann
- Re: SPF I-D for review: draft-schlitt-spf-classic… ned+ietf-smtp
- Re: SPF I-D for review: draft-schlitt-spf-classic… wayne
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- Re: SPF I-D for review: draft-schlitt-spf-classic… ned+ietf-smtp
- Re: SPF I-D for review: draft-schlitt-spf-classic… Bruce Lilly
- SPF I-D for review: draft-schlitt-spf-classic-01.… wayne