----- Original Message ----- > From: "Scott Kitterman" <skl...@kitterman.com> > To: dmarc@ietf.org > Sent: Thursday, January 22, 2015 7:16:58 PM > Subject: Re: [dmarc-ietf] questions on the spec, was ... and two more tiny > nits, while I'm at it > > On Friday, January 23, 2015 03:03:28 John Levine wrote: > > >RFC 7208 doesn't say the HELO result determines anything. It says IF (I > > >say > > > >Avoiding a check that has been determined to be pointless is the only > > >change in this area in RFC 7208. > > Indeed, and that turns out to be a lot more incompatible than was > > appreciated at the time. > > I'm up to accepting that there's some ambiguity in the language, but I don't > see any actual incompatibility assuming the ambiguity is resolved > appropriately. > > If one changes "definitive policy result" to "definitive local policy result" > or > "definitive receiver policy result" then I think there's no ambiguity. > > I'm still a bit boggled that anyone is confused about this, but obviously > they > are. >
To try to explain the confusion... Well, DKIM is easy, DKIM is valid or is not (I'm excluding temp failures due to DNS etc..). The DKIM spec tells what the dkim result MUST be, and then the receiver do whatever with this result. With SPF, the spf=pass/fail result (as shown in the authentication-result header) is not depending on the sender policy as expressed in the SPF record, but at whatever the receiver policy is... Usually, a SPEC will tell the receiver what it SHOULD do to define the spf= status, but instead it seems RFC7208 says put whatever result you feel like... Therefore different implementations will produce different results. I could have an implementation that checks HELO only and check MAILFROM and ignore the last result to put in the SPF result and that would be in accordance to RFC7208. I could have an implementation that checks HELO and MAILFROM, where an helo pass is better than a MAILFROM fail or softfail, to put SPF=pass as result and that would be still in accordance with RFC7208. or I'm mistaken? _______________________________________________ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc
