Wietse,
DNS lookup alone cannot validate an author domain, so one might
just as well use the least complicated mechanism. The SSP NXDOMAIN
check is sufficient; the RFC 2821 section 5 MX/A/AAAA lookups create
overhead without actual security benefit.
First of all for any reasonable implementation the query itself is "IN
ANY", as anything else would add unnecessary network latency. That just
leaves the answer. In many cases you'll want many parts of the answer
already. But beyond this, modern email systems score messages. I'll
predict that hosts without valid MX records are going to be weighted
toward spam. Are you saying that's not worth anything?
Eliot
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html