Julian Mehnle wrote:
> I defined the following set of "scopes" for request parameterization
> and internal use: "helo", "mfrom", "pra". The "mfrom" and "pra"
> scope names obviously come from the "spf2.0" scope names
That's dubious, the "mfrom scope" (spf2.0/mfrom) checks HELO identity
and MAIL FROM identity as specified in 4408 (v=spf1). RFC 4406 got
that wrong, but at least it still uses the term "MAIL FROM identity".
The Received-SPF header definition intentionally uses the correct
4408 terms, not the scope mishmash of RFC 4406, where it's unclear
WTF %h might be, especially when checking a PRA. We're not collecting
4406-errata, but that would be one the errors.
> I think that "mfrom" makes a better (since shorter) scope name
I think that publishing "spf2.0/mfrom" today, without an equivalent
"v=spf1", is a bad idea. The identity in your case is a MAIL FROM.
The scope is "v=spf1", also known as SMTP. For a scope "mfrom" it's
less clear.
> the local explanation is just a free form explanation.
We should have said "envelope-sender" as in the DSN RFCs, it's longer
than MAIL FROM, but better reflects that it can be different from the
2822-From. If something already has eight names adding "mfrom" as a
8th name IMO doesn't help. (MAIL FROM + 2821-From + reverse path +
Return-Path + envelope from + envelope sender + originator, probably
I missed some aliases)
> In the former, "identity" means the identity itself, not its type.
> In the latter, the "identity" key name should really have been named
> "identity-type" or "scope" or something.
Yes, IIRC I threatened "over my dead body" when Wayne wrote "scope".
That's the language of the enemy, not much better than "bounces-to".
Sometimes terminology is important, e.g. "ADMD" vs. "MON" + "MRN".
With "ADMD" you get MTAs scattered everywhere doing some forwarding
magic, sometimes changing the RCPT TO because they feel like it. With
"MON" and "MRN" you get IMO better abstractions of SMTP based on the
MX-concept. Also better for SPF, no surprise.
"Scope" is a similar beast, folks dream up wild and wonderful scopes,
like helo, pra, from, mfrom, submit, and what else.
Frank
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=1007
> I defined the following set of "scopes" for request parameterization
> and internal use: "helo", "mfrom", "pra". The "mfrom" and "pra"
> scope names obviously come from the "spf2.0" scope names
That's dubious, the "mfrom scope" (spf2.0/mfrom) checks HELO identity
and MAIL FROM identity as specified in 4408 (v=spf1). RFC 4406 got
that wrong, but at least it still uses the term "MAIL FROM identity".
The Received-SPF header definition intentionally uses the correct
4408 terms, not the scope mishmash of RFC 4406, where it's unclear
WTF %h might be, especially when checking a PRA. We're not collecting
4406-errata, but that would be one the errors.
> I think that "mfrom" makes a better (since shorter) scope name
I think that publishing "spf2.0/mfrom" today, without an equivalent
"v=spf1", is a bad idea. The identity in your case is a MAIL FROM.
The scope is "v=spf1", also known as SMTP. For a scope "mfrom" it's
less clear.
> the local explanation is just a free form explanation.
We should have said "envelope-sender" as in the DSN RFCs, it's longer
than MAIL FROM, but better reflects that it can be different from the
2822-From. If something already has eight names adding "mfrom" as a
8th name IMO doesn't help. (MAIL FROM + 2821-From + reverse path +
Return-Path + envelope from + envelope sender + originator, probably
I missed some aliases)
> In the former, "identity" means the identity itself, not its type.
> In the latter, the "identity" key name should really have been named
> "identity-type" or "scope" or something.
Yes, IIRC I threatened "over my dead body" when Wayne wrote "scope".
That's the language of the enemy, not much better than "bounces-to".
Sometimes terminology is important, e.g. "ADMD" vs. "MON" + "MRN".
With "ADMD" you get MTAs scattered everywhere doing some forwarding
magic, sometimes changing the RCPT TO because they feel like it. With
"MON" and "MRN" you get IMO better abstractions of SMTP based on the
MX-concept. Also better for SPF, no surprise.
"Scope" is a similar beast, folks dream up wild and wonderful scopes,
like helo, pra, from, mfrom, submit, and what else.
Frank
-------
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?list_id=1007