Quoting Philipp Morger (philipp(_dot_)morger(_at_)dominion(_dot_)ch):
IMHO, don't do anything, that's not a problem which is the concern of SPF,
treat it like a DNS timeout or whatever...
it's up to the MTA to deceide if it want to allow invalid senderdomains...
Agreed.
I would think that any site implementing SPF to fight spam would
also be refusing email from domains that do not resolve.
John Capo
On Mon, Nov 10, 2003 at 09:36:28 -0500, Philip Gladstone wrote:
What is the recommended action when the source domain returns 'NXDOMAIN'
as opposed to not having any SPF records? I'm wondering if the
received-spf header should somehow indicate this difference.
Also, the X-SPF-Guess logic -- should this be part of the spec, or not.
THe good thing about it is that it provides some instant benefit for MTA
side deployers of SPF. My take is that it should be possible to locally
define two SPF records for use under the following circumstances:
NXDOMAIN "v=spf1 default=deny"
NO TXT "v=spf1 a/24 ptr:%{d2} mx/24 mx:%{d2}/24
default=softdeny"
The Received-SPF record should indicate if a genuine SPF record was
used, or whether a local override was used. [In fact, it might make
sense to allow local override of *any* domain looked up SPF record.] I'm
not sure whether this is material for standardization.
Philip
-------
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡