On Monday 24 November 2003 4:37 am, Tim Gladding wrote:
Mail already depends on SMTP and DNS (for the most part). We shouldn't
make running an HTTP server a requirement for running an SMTP server.
Like I said before, not everyone currently runs an HTTP server, and I
don't see anyone turning on up specifically to handle SPF.
I think you have gotten the wrong impression here. There has been no
suggestion (certainly not by me) that HTTP should be the principal mechanism
for publishing SPF. It was only ever suggested as a fallback for sites where
DNS TXT (or the new RR type) records are not available for any reason.
The proposal for an http fallback mechanism in SPF _does_ have the downside of
needing an HTTP GET callout mechanism in any MTA that is performing an SPF
lookup.
However the alternate ESMTP-XQSA proposal does not *require* MTA's to
implement any HTTP or unusual DNS lookups at all. That was the point. All you
need (if you want to support any fallback mechanism, which is optional) is to
know the hostname of an ESMTP-XQSA gateway that *is* capable of lookups using
alternate mechanisms. It need not be your own MTA, but you do need to trust
it (or distribute the trust by querying multiple oracles and averaging).
- Dan
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.6.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡