ietf-dkim

Re: [ietf-dkim] Jim's issues - one more try

2007-06-13 03:50:52
On Tue, 12 Jun 2007 01:28:05 +0100, Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:


  So when wildcard records are not used,
  after receiving a message considered not signed:

   - When neither an MX (or A) record is found, refuse the message.
   - When an MX (or A) record is found, query for a policy record.
   - When no policy is found, there is no policy. (Searching not required.)
   - When policy requires DKIM signatures, refuse the message.

That works for the domain that "never sends mail"
                                "never receives mail"

But what about the domain that receives, but never sends?

In that case you will publish several MX records (with assorted
preferences) as usual. But then you also publish an extra MX record with a
ridiculously low preference (99 say) which points to something
unresolvable (e.g. nomail.invalid).

By convention, that means "sends no mail". So if you are a receiving site
considering whether some message can be discarded, you just ask to see the
MX records for the domain, and see if they include one pointing to
nomail.invalid.

I reckon there would be no need then to deprecate A records where MX was
absent, or anything like that.



--
Charles H. Lindsey ---------At Home, doing my own thing------------------------
Tel: +44 161 436 6131     Web: http://www.cs.man.ac.uk/~chl
Email: chl(_at_)clerew(_dot_)man(_dot_)ac(_dot_)uk      Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K.
PGP: 2C15F1A9      Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5
_______________________________________________
NOTE WELL: This list operates according to http://mipassoc.org/dkim/ietf-list-rules.html
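
The following is an added example, not part of the message above or of any DKIM specification: a sketch of the quoted decision steps for an unsigned message, with the proposed `nomail.invalid` MX check added. The `Records` type, the `all-signed` policy value, the position of the sentinel check between the MX/A lookup and the policy query, and the in-memory `DNS` table are assumptions made for illustration.

```python
from typing import NamedTuple, Optional

SENTINEL = "nomail.invalid"          # name proposed in the message above
REQUIRES_SIGNATURE = "all-signed"    # hypothetical policy value (assumption)

class Records(NamedTuple):
    mx: list                  # [(preference, exchange), ...]
    a: list                   # address records used when no MX exists
    policy: Optional[str]     # published policy, or None when absent

def _norm(name):
    # DNS names compare case-insensitively; a trailing dot is the root label.
    return name.rstrip(".").lower()

def sends_no_mail(mx):
    """True if any MX target is the sentinel, whatever its preference."""
    return any(_norm(host) == SENTINEL for _, host in mx)

def evaluate_unsigned(domain, dns):
    """Verdict for a message from `domain` that is considered not signed."""
    rec = dns.get(_norm(domain))
    if rec is None or not (rec.mx or rec.a):
        return ("refuse", "no MX or A record")
    if sends_no_mail(rec.mx):
        return ("refuse", "domain declares it sends no mail")
    if rec.policy is None:
        # No policy found means no policy; no further searching is done.
        return ("accept", "no policy published")
    if rec.policy == REQUIRES_SIGNATURE:
        return ("refuse", "policy requires DKIM signature")
    return ("accept", "policy does not require signature")

# Constructed sample data (not real DNS answers).
DNS = {
    "receive-only.example": Records(
        [(10, "mx1.receive-only.example."), (99, "NoMail.Invalid.")], [], None),
    "signs-all.example": Records(
        [(10, "mx.signs-all.example")], [], REQUIRES_SIGNATURE),
    "plain.example": Records([], ["192.0.2.10"], None),
}

if __name__ == "__main__":
    for name in list(DNS) + ["nothing.example"]:
        print(name, evaluate_unsigned(name, DNS))
```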