ietf-dkim
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: MX dot was (Re: [ietf-dkim] TXT wildcards SSP issues

2007-06-07 10:07:44
from [Hector Santos] [Permanent Link] 
william(at)elan.net wrote:


email: q.d.foo.com

    query --> q.d._ssp.foo.com
    This will return the NEVER policy (3rd record)


Why would I look at q.d._ssp.foo.com rather then q._ssp.d.foo.com or
_ssp.q.d.foo.com?
Because I established a TWO LEVEL rule as this the WORLD WIDE norm, and you can get to the other subdomains with juse TWO levels. 

Also think about the global default record:

     *._SSP   0   TXT  ... your default policy ...
That allows you cover the entire company (zone), and for strict systems, a NOMAIL default will be ideal to combat fake subdomain abuse.
I understand it doesn't have to be that way, but I would like to know why there is a problem with that.
You guys are the DNS administrators. Tell me. My skin is very thick. If I am wrong with this method, explain how? 

--
Sincerely

Hector Santos, CTO
http://www.santronics.com
http://santronics.blogspot.com

_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ietf-dkim] Zone Files, Hector Santos
Next by Date:  Re: [ietf-dkim] TXT Subdomain queries, Jim Fenton
Previous by Thread:  Re: MX dot was (Re: [ietf-dkim] TXT wildcards SSP issues, william(at)elan.net
Next by Thread:  Re: MX dot was (Re: [ietf-dkim] TXT wildcards SSP issues, Steve Atkins
Indexes:  [Date] [Thread] [Top] [All Lists]