-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 30 Mar 2004, Kelson Vibber spewed into the bitstream:
KV>At 10:52 AM 3/30/2004, csm(_at_)Lunar-Linux(_dot_)org wrote:
KV>>Okay so that is the second time I have heard this reference to ?all
KV>>being useless... as I am really just learning about this would you
KV>>mind explaining why? I am not DNS illiterate but I set mine up based on
KV>>what the wizard gave me and it definitely recommended using all.
KV>The "?" is the key. You can end your record with ?all -all or ~all (or
KV>+all, but you're not likely to want to!)
KV>-all: Anything not listed is unauthorized (fail)
KV>?all: Anything not listed may or may not be authorized (unknown)
KV>~all: Anything not listed is probably not authorized, but there is a chance
KV>it could be. (softfail)
KV>+all: Anything not listed is authorized. (pass)
KV>With a "-all" default, the end-user can reject mail that doesn't really
KV>come from you, but runs the risk that a non-SRS forwarding service might
KV>have passed something along.
KV>With a "?all" default, the end-user cannot reject forged mail, but it *can*
KV>give some positive weight to *verified* mail.
An altogether excellent explanation on the "all" issue.
Any thoughts as to why AOL is not showing any SPF records?
Lunar Linux Project Lead
Disclaimer: "I am not a curmudgeon! No... really..."
Addendum: "Bwahahaha! Fire up the orbital mind-control lasers!"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
-----END PGP SIGNATURE-----