On Sunday, January 29, 2012 08:53:22 PM Murray S. Kucherawy wrote: > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf Of > > Scott Kitterman Sent: Sunday, January 29, 2012 8:49 PM > > To: [email protected] > > Subject: Re: [marf] Additional dkim-reporting report type requests > > > > OK. I would say that's not an SPF result at all. > > Right; I would say it's a Verifier policy override of an SPF result, and > possible something a sender might want to know about. But that's because I > come from the DKIM side of things. > > The difference is probably in the specs themselves: DKIM has always talked > about the fact that a Verifier could render a signature failed for any > reason it wants (e.g., last paragraph of Section 6.1.1 of RFC6376) even if > all the bits line up to produce a valid signature, and I'm guessing SPF has > always put policy stuff like that out of scope.
Right, DKIM has no policy component at all, so any policy reasons are inherently of some other class of things, but without policy there's no action, so it makes sense to bring it in. In SPF, sender policy is embedded in the record and one can infer receiver policy based on results. If one is doing non-SPF things then it should be reported in some other way. I agree such reports would be of interest, I just don't seem them as SPF reports. I think it'd be inappropriate to use the SPF type for an Authentication Results header in such cases too. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
