On 9/20/2004 5:21 PM, Douglas Otis sent forth electrons to convey:
> On Mon, 2004-09-20 at 16:33, Matthew Elvey wrote:
>> Here's the idea in a nutshell: CSV makes use of extant SPF records which
>> already list tens of thousands of domains that are authorized for use in
>> HELO.
>> Who supports/opposes this change?
>
> Nay.
> This is a repeat of an older debate.

No, I'm making a different suggestion. Please read the whole post!
I'm eliminating some or all of the records that you mention having a
problem with below.
I should have stated one thing clearly: only +type components of records
would be relevant; ~type and ?type would be ignored.
I registered your Nay on Jabber...

> SPF often requires a series of lookups to
> resolve an address list. This list is often not fully defined as it is
> commonly intended to associate mailbox domains with a much larger set of
> MTA addresses. It also may allow the EHLO domain to use SPF/Sender-ID
> records as a means to spoof, as these records are often open-ended.

No open-ended records would be allowed. I don't think the fact that,
e.g. +0/0 is allowed is of much concern, as spammers have demonstrated
they can create MARID records for their own domains quite well; A&R are
required.

> The host name used within the EHLO domain will require a separate record
> anyway, so why not use a record that achieves an answer within a single
> lookup?

We should, as my post makes clear. But there are reported to be what,
~300,000 SPF records? Why not use them to the extent that I suggest?
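
The filtering rule stated in this message (only + components count; ~ and ? components are ignored), as an added example that is not part of the original thread or of any CSV/SPF implementation. It assumes standard SPF syntax, in which a term written without a qualifier defaults to +; dropping - terms as well, the function names and the sample record are assumptions made for illustration.

```python
# Added illustration; names and the sample record are constructed.
QUALIFIERS = "+-~?"
MECHANISMS = {"all", "include", "a", "mx", "ptr", "ip4", "ip6", "exists"}

# Constructed sample record, not taken from any real domain.
SAMPLE = ("v=spf1 +mx a:mail.example.com ~ip4:192.0.2.0/24 "
          "?include:partner.example.net -all")


def parse_terms(record):
    """Split an SPF record into (qualifier, mechanism, argument) tuples."""
    fields = record.split()
    if not fields or fields[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    terms = []
    for field in fields[1:]:
        qualifier = "+"                  # SPF default when none is written
        if field[0] in QUALIFIERS:
            qualifier, field = field[0], field[1:]
        # The mechanism name ends at the first ':' (argument) or '/' (CIDR).
        cut = min((i for i in (field.find(":"), field.find("/")) if i != -1),
                  default=len(field))
        name, rest = field[:cut].lower(), field[cut:]
        if name not in MECHANISMS:
            continue                     # modifiers such as redirect= or exp=
        arg = rest[1:] if rest.startswith(":") else rest
        terms.append((qualifier, name, arg))
    return terms


def helo_authorizing_terms(record):
    """Keep only '+' terms; '~' and '?' terms are ignored per the proposal.

    Assumption: '-' terms are dropped too, since they never authorize.
    """
    return [(name, arg) for q, name, arg in parse_terms(record) if q == "+"]


if __name__ == "__main__":
    for name, arg in helo_authorizing_terms(SAMPLE):
        print(name, arg)
```
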