ietf-mxcomp

Re: Make CSV backwards compatible with SPF?

2004-09-20 18:48:56

On 9/20/2004 5:21 PM, Douglas Otis sent forth electrons to convey:

> On Mon, 2004-09-20 at 16:33, Matthew Elvey wrote:
>> Here's the idea in a nutshell: CSV makes use of extant SPF records which already list tens of thousands of domains that are authorized for use in HELO.
>>
>> Who supports/opposes this change?
>
> Nay.
>
> This is a repeat of an older debate.

No, I'm making a different suggestion. Please read the whole post!
I'm eliminating some or all of the records that you mention having a problem with below.

I should have stated one thing clearly: only +type components of records would be relevant; ~type and ?type would be ignored.

I registered your Nay on Jabber...

> SPF often requires a series of lookups to
> resolve an address list.  This list is often not fully defined as it is
> commonly intended to associate mailbox domains with a much larger set of
> MTA addresses.  It also may allow the EHLO domain to use SPF/Sender-ID
> records as a means to spoof, as these records are often open-ended.

No open-ended records would be allowed. I don't think the fact that, e.g., +0/0 is allowed is of much concern, as spammers have demonstrated they can create MARID records for their own domains quite well; A&R are required.

> The
> host name used within the EHLO domain will require a separate record
> anyway, so why not use a record that achieves an answer within a single
> lookup?

We should, as my post makes clear. But there are reported to be what, ~300,000 SPF records? Why not use them to the extent that I suggest?
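The filtering rule stated in the message above ("only +type components of records would be relevant; ~type and ?type would be ignored") can be sketched as follows. This is an added example, not code from the thread or from any CSV or SPF implementation; the sample record, the function names, and the choice to also drop `-` mechanisms and modifiers are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample record; example.net and the documentation prefixes are placeholders.
SAMPLE = ("v=spf1 ip4:192.0.2.0/24 +ip6:2001:db8::/32 a mx include:example.net "
          "?ip4:198.51.100.0/24 ~all")

# Mechanisms that cannot be evaluated without further DNS queries.
NEEDS_DNS = {"a", "mx", "include", "exists", "ptr"}


def pass_components(record):
    """Return (networks, lookups) taken from '+' mechanisms only."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF version 1 record")
    networks, lookups = [], []
    for term in terms[1:]:
        qualifier = "+"  # SPF default when no qualifier is written
        if term[0] in "+-~?":
            qualifier, term = term[0], term[1:]
        match = re.match(r"[A-Za-z0-9]+", term)
        if not match:
            continue
        name, rest = match.group().lower(), term[match.end():]
        if rest.startswith("=") or qualifier != "+":
            continue  # modifiers skipped; '~' and '?' ignored per the post, '-' by assumption
        if name in ("ip4", "ip6"):
            networks.append(ipaddress.ip_network(rest[1:], strict=False))
        elif name == "all":  # '+all' matches every address
            networks += [ipaddress.ip_network("0.0.0.0/0"), ipaddress.ip_network("::/0")]
        elif name in NEEDS_DNS:
            lookups.append(term)
    return networks, lookups


def helo_ip_listed(record, client_ip):
    """True if client_ip falls in a '+' ip4/ip6 network, with no DNS lookups."""
    address = ipaddress.ip_address(client_ip)
    networks, _ = pass_components(record)
    return any(address in net for net in networks)
```

The `lookups` list holds the `+` mechanisms that would each cost further DNS queries, which is the "series of lookups" the quoted objection refers to.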