| This overloading of A records as flags bothers my sense of protocol
| aesthetics far more than the use of TXT records versus a new RR.
| (Although its pragmatic impact may be lower...) This use of A records
| here just seems weird to me...
|
You mean for the PI results?
It's to leverage the existing set of tools that were built for DNSBLs
and now can be used for whitelisting, e.g. rbldns.

I hadn't come across rbldns, but I guess this approach is pragmatic,
and that's the whole point (i.e. to make adoption easy).

Makes sense (in the same way that the use of TXT records does: i.e.
inelegant in terms of protocol design, but a pragmatic engineering
solution).

I have doubts that either of these aspects would ever survive the IETF
standards track, but maybe that's not important right now. Like most
people, I want something deployable now... :)

The .forward problem still bothers me though (i.e. it makes me slightly
nervous about publishing SPF records for my domain). I think the
draft needs to say more about it. In particular, I would like to see
two things in the draft:

* a section in the SPF draft itself that identifies the problem.
* a clear statement that it is the responsibility of the _receiving_
  party to solve this problem, e.g. by whitelisting, or by ensuring that
  the forwarders all comply with SRS or something similar, before
  deploying SPF checks (see also my comment on sunrise).

Put another way, if I publish (correct) SPF records for my domain, and
then send a message to A, who forwards to B, who then applies SPF
checks and bounces the mail, it should be clear from the spec that
it's B that's at fault, and not me. Publishing SPF records mustn't
carry with it a responsibility not to send mail to mail forwarding
accounts, since that's clearly unworkable (and will act as a
disincentive to publish the records).
-roy
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
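
The forwarding case discussed in the message above, as an added example that is not part of the original post or of the SPF draft: a minimal SPF evaluator (only `ip4` and `all` mechanisms) showing why B's check fails on mail relayed by A, and how whitelisting the forwarder or an SRS-style envelope rewrite changes the result. The domains, addresses and records are constructed, the `v=spf1` syntax is assumed from later published SPF, and `srs_rewrite` is a simplified stand-in for SRS that omits its hash and timestamp fields.

```python
import ipaddress

# Constructed SPF records using documentation address ranges (assumptions).
SPF_RECORDS = {
    "sender.example": "v=spf1 ip4:192.0.2.0/24 -all",
    "forwarder.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(client_ip, mail_from):
    """Evaluate the envelope sender's domain against the connecting IP."""
    domain = mail_from.rsplit("@", 1)[1]
    record = SPF_RECORDS.get(domain)
    if record is None:
        return "none"
    ip = ipaddress.ip_address(client_ip)
    for term in record.split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        if term == "all":
            return QUALIFIERS[qualifier]
        if term.startswith("ip4:") and ip in ipaddress.ip_network(term[4:]):
            return QUALIFIERS[qualifier]
    return "neutral"


def srs_rewrite(mail_from, forwarder_domain):
    """Simplified SRS-style rewrite: the envelope sender moves into the
    forwarder's domain, so the forwarder's own SPF record is consulted."""
    local, domain = mail_from.rsplit("@", 1)
    return f"SRS0={domain}={local}@{forwarder_domain}"


def receive_at_b(client_ip, mail_from, trusted_forwarders=()):
    """Receiver B: skip SPF for forwarders it has whitelisted itself."""
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in trusted_forwarders):
        return "whitelisted"
    return check_spf(client_ip, mail_from)


if __name__ == "__main__":
    sender, fwd_ip = "user@sender.example", "198.51.100.7"
    print("direct delivery:   ", receive_at_b("192.0.2.10", sender))
    print("plain .forward:    ", receive_at_b(fwd_ip, sender))
    print("B whitelists A:    ", receive_at_b(fwd_ip, sender, ["198.51.100.0/24"]))
    rewritten = srs_rewrite(sender, "forwarder.example")
    print("A rewrites sender: ", receive_at_b(fwd_ip, rewritten))
```

In both passing cases the remedy sits with the forwarder or the receiver; the sender's published record is unchanged throughout.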