Douglas Otis wrote:
the SSP draft should mandate publishing MX records whenever
an SSP record is also published.
SSP (or ASP) have no business to "mandate" MX records, that's
not their job. MX records are not required for (2)821(bis)
interoperability, and RFC 2119 has a very clear policy about
Since the SSP discovery process makes use of MX record
queries to determine whether the domain exists
It could as well use A, AAAA, NS, TXR, RP (FWIW), etc. AFAIK
it uses MX because that might be also used (i.e. cached) for
other tasks of the MTA.
then when an SSP record is returned for a domain that has
not published an MX record, this thereby signals that both
email and DKIM are NOT used for email addresses
If there are no mail authors in this domain a statement that
these mails from the "non-existing" authors is always signed
suffices to reject unsigned mails from these "non-existing"
authors. For a domain without users this is a no-brainer,
and unrelated to the non-existence of MX records.
For a domain with existing users who are not "permitted" to
be mail authors removing any MX records does not suffice to
educate stubborn users.
DKIM by design does not depend on SMTP. Your proposal mixes
unrelated layers. I like your general MX idea, but is is no
NOTE WELL: This list operates according to