Add more details to the "Details" message for SPF.
Motivation and context
The policy reads as:
An SPF policy SHALL be published for each domain that fails all non-approved senders.
An SPF policy such as v=spf1 include:_spf.google.com ~all would actually not meet the baseline because it "soft fails" (i.e., ~all instead of -all). But if you have an SPF policy like that, all ScubaGoggles says is x out y agency domain(s) found in violation: example.com, ...
If I were a user and I saw that message, I would likely be confused, "But I do have an SPF policy, why is it still failing in ScubaGoggles?" It would be nice if ScubaGoggles would tell me exactly why that domain failed the SPF requirements.
Implementation notes
Maybe the simplest way to do this would be something like this:
The following domains have not published SPF policies:
- example1
- example2
The following domains have published SPF policies but do not fail (i.e. "-all") all non-approved senders:
- example3
- example4
Acceptance criteria
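One way to produce the two-part message proposed in the implementation notes above, as an added example that is not part of the original issue and not ScubaGoggles' own code. The function names, the input shape (a mapping of domain to its TXT strings) and the sample records are assumptions made for illustration.

```python
import re

# Matches the SPF "all" mechanism with its optional qualifier (RFC 7208).
ALL_TERM = re.compile(r"([+\-~?]?)all", re.IGNORECASE)

def all_qualifier(txt_records):
    """Return the qualifier on `all` in the domain's SPF record.

    None -> no TXT record starts with v=spf1 (no SPF policy published)
    ""   -> SPF record present but it has no `all` mechanism
    Simplification: `redirect=` and `include:` targets are not followed.
    """
    for txt in txt_records:
        terms = txt.split()
        if not terms or terms[0].lower() != "v=spf1":
            continue
        for term in terms[1:]:
            match = ALL_TERM.fullmatch(term)
            if match:
                return match.group(1) or "+"  # bare "all" defaults to "+"
        return ""
    return None

def spf_details(domain_records):
    """Build the two-part Details message from {domain: [TXT strings]}."""
    missing, not_hard_fail = [], []
    for domain in sorted(domain_records):
        qualifier = all_qualifier(domain_records[domain])
        if qualifier is None:
            missing.append(domain)
        elif qualifier != "-":
            not_hard_fail.append(domain)
    lines = []
    if missing:
        lines.append("The following domains have not published SPF policies:")
        lines += [f"- {d}" for d in missing]
    if not_hard_fail:
        lines.append('The following domains have published SPF policies but '
                     'do not fail (i.e. "-all") all non-approved senders:')
        lines += [f"- {d}" for d in not_hard_fail]
    return "\n".join(lines)  # empty string: every domain hard-fails

# Constructed sample input; real TXT data would come from DNS lookups.
SAMPLE = {
    "example1": [],
    "example2": ["some-verification-token=constructed"],
    "example3": ["v=spf1 include:_spf.google.com ~all"],
    "example4": ["v=spf1 include:_spf.google.com ?all"],
    "example5": ["v=spf1 include:_spf.google.com -all"],
}
```

A domain whose record ends in `-all` (example5 here) appears in neither list.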