spf-discuss

Re: multiple SPF TXT records

2003-10-28 22:19:40
In <20031029050243(_dot_)GA19936(_at_)dumbo(_dot_)pobox(_dot_)com> Meng Weng 
Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:

On Tue, Oct 28, 2003 at 09:12:19PM -0600, wayne wrote:
| order.  Allowing multiple TXT records looks like an accident waiting
| to happen.
| 
| What is gained by allowing the following?
| 
| _spf    IN TXT  "v=spf1 ip4:127.1.2.3"
| _spf    IN TXT  "v=spf1 mx default=deny"
| 

ok, what behaviour do you specify upon the above input?

I would say that both SPF policy TXT records should be rejected and
the domain should not be considered to have SPF.  The same thing will
happen if there is a typo like "v=sfp1 mx default=deny".

Validators are important tools in making sure that the SPF records do
what the domain owners expect.  I don't think it is a good idea to
make guesses about what people really mean, especially when the order
of options is so important and yet the order of TXT records returned
via DNS is undefined.


Another possibility is that the SPF query library could return "error"
as well as pass/fail/unknown.  Then, the calling program could, if
appropriate, tell someone that the SPF record(s) are bogus and
appropriate actions could be taken.  This would be somewhat like the
"lame server" syslog messages that BIND issues.


What do others think about this?


-wayne

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
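
The two behaviours proposed in the message above (treat a domain that publishes several SPF TXT records as having no SPF, or have the library return "error"), sketched as an added example that is not part of the original post or of any SPF library. The function names, the `report_errors` flag and the exact-match rule for the version tag are assumptions made for illustration.

```python
from typing import List, Optional, Tuple

SPF_VERSION = "v=spf1"  # version tag used by the records quoted in the thread


def is_spf_record(txt: str) -> bool:
    # Assumption: a TXT string counts as an SPF policy only if its first
    # whitespace-separated term is exactly the version tag, so a typo
    # such as "v=sfp1" is simply not an SPF record.
    terms = txt.split()
    return bool(terms) and terms[0] == SPF_VERSION


def select_spf_policy(txt_rrset: List[str],
                      report_errors: bool = False) -> Tuple[str, Optional[str]]:
    """Return (status, record); status is "ok", "none" or "error"."""
    candidates = [t for t in txt_rrset if is_spf_record(t)]
    if len(candidates) == 1:
        return ("ok", candidates[0])
    if not candidates:
        return ("none", None)
    # More than one policy: the order of TXT records in a DNS answer is
    # undefined, so neither merging nor "first one wins" is attempted.
    if report_errors:
        return ("error", None)  # caller can log it, like a lame-server notice
    return ("none", None)       # domain is treated as having no SPF


# Constructed sample RRsets (the first uses the records quoted in the thread).
MULTIPLE = ["v=spf1 ip4:127.1.2.3", "v=spf1 mx default=deny"]
TYPO = ["v=sfp1 mx default=deny"]
SINGLE = ["unrelated text record", "v=spf1 mx default=deny"]

if __name__ == "__main__":
    for name, rrset in [("multiple", MULTIPLE), ("typo", TYPO), ("single", SINGLE)]:
        print(name, select_spf_policy(rrset), select_spf_policy(rrset, True))
```

Because the result for `MULTIPLE` does not depend on which record the resolver returns first, two validators querying the same domain cannot disagree about the policy.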