[mail-vet-discuss] Auth-Results issue #4 method=value values

Scott Kitterman mail-vet-discuss at kitterman.com
Wed Apr 19 15:55:15 PDT 2006


On 04/19/2006 17:42, Murray S. Kucherawy wrote:
> Tony Hansen wrote:

> How about:
>
>  The authentication method has either an explicit (i.e. published
>  by the sending domain) or implicit policy, but the policy being
>  used doesn't require successful authentication of all messages
>  from that domain, and the message failed the authentication tests.
>
> >     neutral
> >  The authentication method requires a policy to be accessed, but
> >         the sending domain does not publish any sender authentication
> >  policy.
>
> What if the method doesn't require a policy be accessed?
>
> Actually in light of that question, maybe we don't need "neutral" at all. 
> For methods that have a policy, the verification attempt will produce one
> of the other results.  For those that don't have some queryable policy,
> "neutral" never happens.
>

Actually for SPF, Neutral is a result.  If there is no policy information, the 
result in None.  I think you do need Neutral.  It could be something like:

        The authentication method requires a policy to be accessed, but
        the sending domain does not publish any sender authentication
        policy or the result of the policy test should be treated as if they 
        did not publish any sender authentication policy.

Here is the SPF definition for Neutral:

http://new.openspf.org/blobs/draft-schlitt-spf-classic-02.html#anchor8

Scott Kitterman




More information about the mail-vet-discuss mailing list