"Murray S. Kucherawy" <[email protected]> wrote:
>> -----Original Message-----
>> From: [email protected] [mailto:[email protected]] On Behalf
>Of Alessandro Vesely
>> Sent: Tuesday, June 28, 2011 9:44 AM
>> To: [email protected]
>> Subject: Re: [marf] I-D Action: draft-ietf-marf-spf-reporting-00.txt
>>
>> A second point is the idea of a "conditional" report. That may mean,
>> e.g., only send me an SPF-failure report if you verified a DKIM
>> signature for the same domain name. By enabling reporting, one will
>> likely receive an inordinate amount of spam generated notifications:
>> it will be useful to check mail settings of a new domain, but will
>> turned off after a short time. Conditional reporting, instead, can
>be
>> kept permanently enabled. What do you think?
>
>I'm wary of going down this road. Although the current suite of
>extension drafts goes into only DKIM and SPF, it's possible (maybe
>likely) that other message evaluation schemes will be added here later.
>A true-false table of just DKIM and SPF has a size of four; adding one
>more makes it eight, etc. Eventually putting policy information able
>to account for all combinations into the DNS will become completely
>ugly.
This is generally true, but think send a feedback report on SPF Pass without a
valid DKIM signature could be useful to answer the question "Let me know about
stuff coming out of my IP space that isn't DKIM signed". This is a real
question I know is getting asked. It might be useful to have a standardized way
to ask and answer it.
I don't support addressing this now. I don't support a general solution for all
possible combinations. Perhaps after the current work is done we'll know what
makes sense.
Scott K
_______________________________________________
marf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/marf
