On Wed, 8 Oct 2003, pna.lists wrote:
Shouldn't we start implementing SPF?
http://yro.slashdot.org/article.pl?sid=03/10/06/0044200
http://spf.pobox.com/
"We're in an experimental stage right now: we need lots of domains to publish
SPF records so we can see if there's anything wrong with the idea of
wildcards and TXT records"
The idea of advertising who is allowed to send for a domain is good. I had
talked to various people about the idea of doing this with the MX record,
but obviously not everone has incoming and outgoing mailservers on the
same box.
Doing it in TXT records is clumsy. We (as in IETF dnsex group) are doing
something
really wrong if people need to keep abusing the TXT records for stuff. I guess
it would be good to start with, but ideally a new RRtype should be used.
Last, since I'm personally doing lots of dnssec stuff, I really do not want to
put
in wildcards in my dns. My hatred for wildcards is only marginally less then my
hatred for spam.
I'd implement a similar idea that does not depend on wildcards immediately for
all
our domains, which if they are .nl domains, are then even dnssec signed as well.
(now let's all push RIPE to sign the their in-addr.arpa zones :)
Paul
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡