On Sat, 20 May 2017, Steve Atkins wrote:


On May 20, 2017, at 2:13 PM, John Levine <jo...@taugh.com> wrote:

In article <3a8a3db1-a628-4cf5-add5-d2db22b5c...@blighty.com> you write:
"~all" is the smart policy to use; ignore those who tell you to use "-all" or 
"?all".

Not disagreeing, but what practical difference do you see between ~all softfail 
and ?all neutral ?

There are a couple of differences. The directly operational one is that ~all is 
in much more common
use, by senders of large quantities of generally wanted email, so I trust 
recipients to handle ~all in
the way I'd expect. I don't have that confidence with ?all (or -all, come to 
that).

That makes sense.

The indirectly operational one is that "?all" implies (to me, at least, and I 
think others) that the
generator of the SPF record is "testing" or hasn't faith in their SPF 
deployment, so suggesting that the
remainder of the SPF record may not be accurate. That means that there's not 
the same level
of positive signal associated with a ?all pass as with a ~all pass.

Hmm.
When I had an SPF record I ended with ?any to indicate that I didn't have much faith in SPF (and SRS) and to indicate that I believed that legitimate mail might well come from "anywhere".

I saw "~all" as a soft-fail" and "?any" as a "soft-pass";
in both cases I am suggesting that you should use your
judgement rather than mine, but with ?any I am saying
that it definitely could be genuine.

I use forwarding and expect others to forward messages I send to their users.
In the end I decided that SPF isn't really compatible with forwarding
and voted for a world with forwarding.

--
Andrew C Aitchison


_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop

Reply via email to