ietf-dkim

Re: [ietf-dkim] A more fundamental SSP axiom

2006-08-04 18:05:57
On 8/4/06, Damon <deepvoice(_at_)gmail(_dot_)com> wrote:
> Personally, the cases I see are:
>  1. I either sign all myself OR these guys <list domains> sign on
>     my behalf
>     a. In some special cases it can also be I sign all myself AND
>        one of these guys <list domains> will also sign it
>  2. I always sign if it comes from[*] <list email address> but
>     otherwise I may not add a signature
>  3. I always sign when it goes to[*] <list email addresses> but
>     otherwise I may not add a signature
>
> [*] From and To are general concepts here and do not necessarily
>     imply "From" and "To" header field specifically


My only question is... where are you going to put all those rules?
I remember having a terrible time with a reverse that went back to
500+ domains; my DNS kept timing out before I could get to the bottom
of the list.
Should you or could you put a limit on the number of domains?
And if you did, where would you put the extra?
This is why I went with the CIDR idea when we did SPF. You can have
1000 domains pointing at the same IP all owned by the same guy AND be
legit.
In this case wouldn't it be better to put in an IP?

Regards,
Damon Sauer
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html