Lee Maguire <lee-spf(_at_)hexkey(_dot_)co(_dot_)uk>:
So you could evaluate each record in order (lowest first) until you
explicitly match a pass or fail (or softfail) by using "unknown" to drop
through to the next record.
foo.example.com. IN TXT "v=spf1 pri=10 +mx"
foo.example.com. IN TXT "v=spf1 pri=30 +ip4:10.2.0.0/24 -all"
foo.example.com. IN TXT "v=spf1 pri=20 +ip4:10.1.0.0/24"
This is closer to the way typical network filtering rules operate, and
would make the more complex policies easier to manage.
Hmmmm...maybe this means we could drop the ugly pseudo-domain kludge and
just use TXT records attached to the actual domain at issue? Not as good
a a dedicated RR type, but an improvement to be sure.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.6.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡