On Sat, 20 May 2017, Steve Atkins wrote:
On May 20, 2017, at 2:13 PM, John Levine <jo...@taugh.com> wrote:
In article <3a8a3db1-a628-4cf5-add5-d2db22b5c...@blighty.com> you write:
"~all" is the smart policy to use; ignore those who tell you to use "-all" or
"?all".
Not disagreeing, but what practical difference do you see between ~all softfail
and ?all neutral ?
There are a couple of differences. The directly operational one is that ~all is
in much more common
use, by senders of large quantities of generally wanted email, so I trust
recipients to handle ~all in
the way I'd expect. I don't have that confidence with ?all (or -all, come to
that).
That makes sense.
The indirectly operational one is that "?all" implies (to me, at least, and I
think others) that the
generator of the SPF record is "testing" or hasn't faith in their SPF
deployment, so suggesting that the
remainder of the SPF record may not be accurate. That means that there's not
the same level
of positive signal associated with a ?all pass as with a ~all pass.
Hmm.
When I had an SPF record I ended with ?any to indicate that I didn't have
much faith in SPF (and SRS) and to indicate that I believed that
legitimate mail might well come from "anywhere".
I saw "~all" as a soft-fail" and "?any" as a "soft-pass";
in both cases I am suggesting that you should use your
judgement rather than mine, but with ?any I am saying
that it definitely could be genuine.
I use forwarding and expect others to forward messages I send to their
users.
In the end I decided that SPF isn't really compatible with forwarding
and voted for a world with forwarding.
--
Andrew C Aitchison
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
