On Tuesday, October 04, 2011 01:47:09 PM Murray S. Kucherawy wrote: > > -----Original Message----- > > From: [email protected] [mailto:[email protected]] On Behalf Of > > Scott Kitterman Sent: Tuesday, October 04, 2011 1:40 PM > > To: [email protected] > > Subject: Re: [marf] Comments on > > draft-ietf-marf-authfailure-report-01.txt > > > > I'm not understanding who plans to use sender-id and why add that and > > not all the other auth-results? > > By removing the limitation on which results get reported, we are in effect > adding all the other ones, at the option of the reporting site. That's > what I meant by "agnostic".
No. I think not. Both paragraph 3.2 and 3.3 have DKIM and SPF specific requirements that are not sufficient for other authentication types. Yes, the actual header might refer to other types, but without the additional diagnostic information in from 3.2/3.3. At the very least sender-id would have to be added to the list of authentication failure types in 3.3 (I propose we not do this and just focus on DKIM/SPF). BTW, looking at this again has caused me to notice that spf-dns isn't referred to anywhere in 3.2/3.3. There should be a 3.2.3 for SPF reports that requires spf-dns fields for all SPF records used to process the message. Scott K _______________________________________________ marf mailing list [email protected] https://www.ietf.org/mailman/listinfo/marf
