spf-discuss

Re: Miscellaneous Thoughts

2003-10-20 12:18:42
On Monday 20 October 2003 12:04, Andreas Kreuzinger wrote:

Yes, but just ignoring the problem is not the right solution.

Who's ignoring it???
;-)

1) Do precursors of MX still exist?
Officially they don't exist anymore.

Ahh, 'officially' is not the same as 'actually'.

As Loic Prylli mentioned in <3F900C1C(_dot_)1070503(_at_)abbloi(_dot_)org>
(http://archives.listbox.com/spf-discuss(_at_)v2(_dot_)listbox(_dot_)com/200310/0253.html)
it is not allowed (".. servers MUST NOT load ..") to use them (RFC 1123)
...<snip>...
And even in RFC 1035 the RR MD and MF are converted to MX RR:
[...snip...]
MD is obsolete.  See the definition of MX and [RFC-974] for details of
the new scheme.  The recommended policy for dealing with MD RRs found in
a master file is to reject them, or to convert them to MX RRs with a
preference of 0.
[...snip...]
MF is obsolete.  See the definition of MX and [RFC-974] for details of
the new scheme.  The recommended policy for dealing with MD RRs found in
a master file is to reject them, or to convert them to MX RRs with a
preference of 10.
[...snip...]

That means BIND is ignoring the RFCs.

That is quite possible. It has an awful reputation for security too ;-)

Going back, Yes everything you say is true. We have RFC1123, which means that 
the MD record must no longer be used ...
... for the purpose it was originally intended. I.e. it is considered obsolete.

RFC1035 is more of a pain - Is this implemented anywhere? Are the MD RR's 
automatically translated by any application?
(and what about MG, MB & MR?)

Personally, these are my thoughts:

I prefer the idea of a new RR. But, I recognise that this request will meet 
objections by some, and a guaranteed delay whilst it is implemented. 
Co-opting an obsolete RR seemed one possible alternative - which is why I 
published MD (etc) records for my zone - so that others could test if it 
worked on their system. RFC1123 we can discount, for the reason above. It 
doesn't prohibit us from using it in a different context. RFC1035 concordance 
needs testing if this option is to be considered seriously. This testing must 
be done, and I can only test BIND and any nameservers used by my ISPs. So 
far, I have not noticed any problems, but that's not to claim that there 
aren't any.

Personally, I think Meng needs to be congratulated on pushing this issue. The 
idea has been around for a long time, and something now appears to be making 
progress. Most of us want to see some sort of implementation as soon as 
possible - hence my post about how to get it achieved in a minimal timespan. 
With this in mind, I think a new SMTP RFC is impractical - it will delay the 
process yet further. Modification & implementation of new features appear to 
provide a quicker route forward.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt