ietf-mxcomp

Make CSV backwards compatible with SPF?

2004-09-20 16:31:38

Here's the idea in a nutshell: CSV makes use of extant SPF records which already list tens of thousands of domains that are authorized for use in HELO.

Who supports/opposes this change?

Details:
Perhaps a CSV that was backwards compatible with a simple subset of SPF1 records would be useful. SPF records that expect to result in an 'SPF pass' already must list the names used in HELO, so why not make use of that fact? There was a survey (I tried to find it, but failed) mentioned on list showing that ~95% of all SPF records were one of a dozen strings (-all, ~all, +a +mx -all, ...) that were resolvable with one DNS query (a link would be appreciated). Who thinks compatibility with a subset of SPF records would be an improvement to CSV? Domains could continue to publish one of these records, and would need do nothing else to be compatible with this revised CSV, or if they preferred more flexibility and/or wanted to be good neighbors, could publish normal CSV records.
The subset could be defined as
a) those that resolve to one of the n (e.g. n=12) most popular records, or
b) records that use only, e.g. a, ptr, mx, ip4, or ip6 and fit in UDP.

In either case, parsing issues, and the issues of TCP failover, TXT crowding and DNS providers that don't support CSV nearly disappear.

The algorithm would be that a check is done for a CSV record first (and if found, only it is used); if none is found, a check is made for a conforming SPF record.

Who would support this change?
Would you prefer a CSV compatible with a larger set of SPF records? (Keep in mind that domains that aren't used in HELO don't need to have these records at all, as far as CSV is concerned. If you have a complex SPF record, that's OK - keep it. Just add a simple SPF record for the hostname you announce in HELO, or add a CSV record.)
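The lookup order and option (b) of the proposal above, sketched as an added example that is not part of the original message or of any CSV or SPF specification. The function names, the inclusion of `all` among the allowed mechanisms, the 512-byte limit applied to the TXT text, and the treatment of multiple SPF records as "no policy" are assumptions; the CSV record is passed in as an opaque value already fetched by the caller.

```python
import re

# Mechanisms named in option (b) of the post. "all" is an assumption, added
# because the post's own sample records ("-all", "+a +mx -all") use it.
ALLOWED = {"a", "ptr", "mx", "ip4", "ip6", "all"}
UDP_LIMIT = 512  # assumption: classic DNS UDP payload size, applied to the TXT text

# optional qualifier, mechanism name, optional ":value" or "/prefix" part
TERM = re.compile(r"^([+\-~?]?)([a-z0-9]+)([:/].*)?$", re.IGNORECASE)


def conforming_spf(txt):
    """Return True if an SPF TXT string falls inside the simple subset."""
    if len(txt.encode()) > UDP_LIMIT:
        return False
    terms = txt.split()
    if not terms or terms[0].lower() != "v=spf1":
        return False
    for term in terms[1:]:
        if "%" in term or "=" in term:
            return False  # macros and modifiers (redirect=, exp=) are outside the subset
        m = TERM.match(term)
        if not m or m.group(2).lower() not in ALLOWED:
            return False  # include, exists and unknown mechanisms are outside the subset
    return True


def select_helo_policy(csv_record, txt_records):
    """CSV first; fall back to a conforming SPF record; otherwise no policy."""
    if csv_record is not None:
        return ("csv", csv_record)  # if a CSV record is found, only it is used
    spf = [t for t in txt_records if t.lower().startswith("v=spf1")]
    # Assumption: more than one SPF record is ambiguous and treated as no policy.
    if len(spf) == 1 and conforming_spf(spf[0]):
        return ("spf-subset", spf[0])
    return ("none", None)


if __name__ == "__main__":
    # Constructed sample records for a HELO hostname.
    print(select_helo_policy(None, ["v=spf1 +a +mx -all"]))
    print(select_helo_policy(None, ["v=spf1 include:_spf.example.net -all"]))
```
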