On Mon, 6 Sep 2004, Daniel Senie wrote:
So let me get this straight.
Folks are worried about the companies some people outsource their DNS to
(instead of running their own servers) not handling _marid or _foo or
whatever the tag would be. But folks are not worried about updating name
server software to support a new RR type and getting that software
deployed, and are not worried about getting MTA software updated to handle
new a new capability and get that deployed.
Folks are worried about both cases. The two cases are different and
require different handling. First of all with new RR type, it is not
only dns servers but some resolvers that may need to be updated, this
is a process that takes quite a bit longer and requires recompiling
dns servers and/or resolvers, people installing new software, etc.
On the other hand with "_" prefix, all dns servers and resolvers can
handle it. It is only that to managed these servers, number of providers
have deployed custom GUI interfaces. In some cases, these interfaces set
correct characters to be used and they have disallowed use of "_". It
would not be hard to correct it - most of these GUI are interpted scripts
(perl cgi, php, asp, etc) and to disallow those characters they have a
filter function (that function checks if all characters in hostname or
domain name are alphanumeric or "-") which is the only one that will need
to be updated to allow "_" character. Not very hard to do and they really
should have done it by now considering SRV records have existed for
several years now.
Am I the only one who thinks this is looney? If SPF or SenderID become
accepted, then people will update MTA software to make it work. They will
update DNS server software to make it work. And if outsourced DNS providers
wish to remain competitive, they'll add capabilities to their GUIs. Let the
market handle it.
I agree with you. If MARID becomes popular within a year all GUI will
be able to handle underscores if its part of the standard. Its just a very
easy fix for those who dont - see above.
It sure seems like folks are getting hung up over what's probably the
EASIEST thing to deal with, that being finding a DNS outsourcer (if you
even need one) that'll publish the records you request.
Let's get back to deciding what's right at the protocol level, and leave
the business decisions of web-interfaced DNS providers out of the discussion.
I, for one, would like to hear more on the technical merits of using _spf
or _marid or _foo vs. not using it.
Using it allows to avoid collisions with other TXT records or with any other
possible use of SPF in the future. And it gives a good example for anybody
else who is considering temporarily using TXT records for their experiment.
BTW - I now support that both TXT and SPF RR records be done in SRV way:
_smtp._tcp.example.com. IN TXT "SPF2.0/PRA ..."
_smtp._tcp.example.com. IN SPF "SPF2.0/PRA ..."
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net