Re: [spfbis] [Technical Errata Reported] RFC7208 (4082)

Scott Kitterman <scott@kitterman.com> Wed, 13 August 2014 23:30 UTC

From: Scott Kitterman <scott@kitterman.com>
Date: Wed, 13 Aug 2014 19:30:34 -0400
To: RFC Errata System <rfc-editor@rfc-editor.org>, barryleiba@computer.org, presnick@qti.qualcomm.com, sm+ietf@elandsys.com, ajs@anvilwalrusden.com
Archived-At: http://mailarchive.ietf.org/arch/msg/spfbis/oujvt7SapB-7rWu4I9GGsHW-qNM
Cc: spfbis@ietf.org, d.stussy@yahoo.com
Subject: Re: [spfbis] [Technical Errata Reported] RFC7208 (4082)

5.7.8 talks about things like incorrect password issues. That's not the kind of authentication at work for SPF. SPF is more strictly about authorization, not authentication.

This should be rejected. 

Scott K

On August 13, 2014 7:13:06 PM EDT, RFC Errata System <rfc-editor@rfc-editor.org> wrote:
>The following errata report has been submitted for RFC7208,
>"Sender Policy Framework (SPF) for Authorizing Use of Domains in Email,
>Version 1".
>
>--------------------------------------
>You may review the report below and at:
>http://www.rfc-editor.org/errata_search.php?rfc=7208&eid=4082
>
>--------------------------------------
>Type: Technical
>Reported by: D. Stussy <d.stussy@yahoo.com>
>
>Section: 8.7
>
>Original Text
>-------------
>...  If the message is rejected during the SMTP transaction for
>this reason, the software SHOULD use an SMTP reply code of 550
>and, if supported, the 5.5.2 enhanced status code ...
>
>Corrected Text
>--------------
>...  If the message is rejected during the SMTP transaction for
>this reason, the software SHOULD use an SMTP reply code of 550
>and, if supported, the 5.7.8 enhanced status code ...
>
>Notes
>-----
>5.5.2 refers to responses where there's an SMTP COMMAND syntax error.
>5.7.8 refers to messages where authentication credentials are invalid.
>
>5.7.8 is a better description for rejecting an unauthorized message due to the
>application of invalid authentication credentials such as bad syntax in an SPF
>DNS record.
>
>The author of this errata notes that the IANA is showing a pending addition to
>the enhanced codes to add SPF-specific error code 5.7.24 (in lieu of 5.5.2 or
>5.7.8), but currently sees no valid RFC proposing it.  The draft is located at:
>http://tools.ietf.org/html/draft-ietf-appsawg-email-auth-codes-07
>
>The use of 5.5.2 here is misleading since the source of the error is not the
>SMTP command stream.
>
>Instructions:
>-------------
>This erratum is currently posted as "Reported". If necessary, please
>use "Reply All" to discuss whether it should be verified or
>rejected. When a decision is reached, the verifying party (IESG)
>can log in to change the status and edit the report, if necessary. 
>
>--------------------------------------
>RFC7208 (draft-ietf-spfbis-4408bis-21)
>--------------------------------------
>Title               : Sender Policy Framework (SPF) for Authorizing Use of Domains in Email, Version 1
>Publication Date    : April 2014
>Author(s)           : S. Kitterman
>Category            : PROPOSED STANDARD
>Source              : SPF Update
>Area                : Applications
>Stream              : IETF
>Verifying Party     : IESG
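
The following is an added example, not part of the original message or of RFC 7208: a small parser for SMTP replies carrying enhanced status codes, used to triage rejection log lines by the three codes discussed in this thread (5.5.2, 5.7.8, 5.7.24). The sample replies, the labels returned by `triage`, and the "SPF appears in the reply text" heuristic are assumptions made for illustration.

```python
import re

# One SMTP reply line: 3-digit code, "-" (more lines follow) or " " (last line),
# then an optional class.subject.detail enhanced status code, then free text.
REPLY = re.compile(
    r"^(?P<code>[2-5]\d\d)(?P<sep>[ -])"
    r"(?:(?P<esc>[245]\.\d{1,3}\.\d{1,3})(?: |$))?(?P<text>.*)$"
)

def parse_reply(lines):
    """Parse one (possibly multi-line) reply into (code, enhanced_code, text)."""
    code, esc, text = None, None, []
    for i, raw in enumerate(lines):
        m = REPLY.match(raw.rstrip("\r\n"))
        if m is None:
            raise ValueError(f"not an SMTP reply line: {raw!r}")
        if code is not None and m["code"] != code:
            raise ValueError("reply code changes inside a multi-line reply")
        code = m["code"]
        if (m["sep"] == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker does not match line position")
        if m["esc"]:
            if m["esc"][0] != code[0]:
                raise ValueError("enhanced code class differs from reply code class")
            esc = esc or m["esc"]
        text.append(m["text"])
    return code, esc, " ".join(text)

def triage(lines):
    """Label a rejection by the codes discussed in this thread."""
    _code, esc, text = parse_reply(lines)
    # Assumption: the receiver mentions "SPF" in its free text; the codes alone
    # cannot separate an SPF permerror from a malformed SMTP command.
    mentions_spf = re.search(r"\bspf\b", text, re.IGNORECASE) is not None
    if esc == "5.7.24":
        return "spf-error"
    if esc == "5.5.2":
        return "spf-permerror" if mentions_spf else "smtp-syntax"
    if esc == "5.7.8":
        return "auth-credentials"
    return "other"

# Constructed sample replies, not taken from any real server log.
SAMPLES = [
    ["550 5.5.2 SPF permanent error: bad syntax in sender's record"],
    ["500 5.5.2 Syntax error, command unrecognized"],
    ["535 5.7.8 Authentication credentials invalid"],
    ["550-5.7.24 SPF validation error", "550 5.7.24 see receiver policy"],
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample), "<-", sample[-1])
```

The first two samples share 5.5.2 and are separated only by the free-text hint, which is the ambiguity the erratum report objects to.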