On Thu May 26 2005 11:00, Frank Ellermann wrote:
Bruce Lilly wrote:
SPF and SPF-like schemes impose an additional necessary
condition:
the ISP's MTA must work 100.00000% of the time
Not necesarily. If you have your own domain (or a small
domain shared by 15 users as in your example), then you
can permit the IPs of several mail providers.
I think you may misunderstand the example and the problem. The
messages were sent to ~15 recipients, each with separate mailboxes
(think of it as list expansion) at different domains. In order
to work around a problem *at the provider* (or at least *affecting
the provider*), it was necessary to go directly to a recipient's MX
host. Your "solution", costs aside, supposes that at least one of
the providers is unaffected by the problem (the problem was something
like DNS poisoning, so that likely wouldn't help).
In the most simple case you have providers A, B. C with
policies and "v=spf1 include:A include:B include:C -all".
In your specific pet case of "misdirected bounces" (sorry, Markus),
if A, B, and/or C are large ISPs (think Comcast or RoadRunner),
such a scheme as you are proposing may in fact exacerbate the
problem.
And I have mailboxes at both A and B. So when I now have a
problem with A I simply send the mail via B, just using the
corresponding MAIL FROM:<my(_dot_)B(_dot_)address(_at_)B(_dot_)example>
That's OK for you, assuming that's where you *want* to receive
delivery notifications. That might not work for others. And
it won't work at all if you specifically want to delegate handling
of delivery notifications.