
RE: Eric Allman comments on SPF

2003-12-03 20:40:17
To All:

Is there a situation where a domain owner would NOT want the MX's to be
authorized to send mail on behalf of his domain?  What I'm getting at is a
'default' rule that would, in effect, eliminate the MX directive, such that
MX's would be assumed to be authorized to send on behalf of the domain.
This would enable us to get around the objections to the original SPF
proposal and keep the proposal small (down to A records).

Marc

-----Original Message-----
From: Meng Weng Wong [mailto:mengwong(_at_)dumbo(_dot_)pobox(_dot_)com]
Sent: Wednesday, December 03, 2003 7:37 PM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Eric Allman comments on SPF


Eric Allman just emailed me his thoughts on the draft-02.9.txt.

He doesn't like the complexity of the a, mx, ptr, etc directives;
he feels that the only directives that should be there are ip4 and ip6.

He prefers a scheme that could be implemented in rulesets, not in C.
The added complexity of the DNS mechanisms means that you can't do it in
rulesets.

This takes us back to the first version of SPF, which drew heavily on
DMP's reversed-IP layout, and to the first version of RMX, which is
basically what Eric is talking about: only ip netblocks.

John Levine criticized the first version of RMX, saying that major
domains like Yahoo would never be able to fit all their networks into
512 bytes.  Indeed, pobox.com is hardly a huge ISP, and our MX servers
span seven or eight distinct networks.

When I spoke with Miles Libbey at Yahoo his objection to SPF was exactly
that: his engineers didn't want to have to figure out which networks the
MX servers were in, and have to keep them up to date.  Since most
domains' designated mailers are already described by existing MX and A
records, I felt we should take advantage of that.

I believe that the added complexity of implementing the a, mx, ptr
directives is worth it, because they make the DNS admin's job easier,
even though they make the MTA's job harder.  There is a Pareto curve to
adoption.

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription, 
please go to
http://v2.listbox.com/member/?listname(_at_)
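
The trade-off discussed in this thread, as an added example that is not part of the original messages or of the SPF draft: a minimal evaluator for `ip4`, `a`, `mx` and `all` over a constructed in-memory zone. It shows that an ip4-only record needs no DNS queries but goes stale when a mail exchanger is renumbered, while an `mx` record follows the existing MX and A records at the cost of extra queries. The record syntax is assumed to follow the later published SPF syntax; the domain, addresses and function names are illustrative assumptions.

```python
import ipaddress

# Constructed zone data (documentation address ranges), not real DNS.
ZONE = {
    ("example.org", "MX"): ["mx1.example.org", "mx2.example.org"],
    ("mx1.example.org", "A"): ["192.0.2.10"],
    ("mx2.example.org", "A"): ["198.51.100.20"],
    ("example.org", "A"): ["203.0.113.5"],
}

def lookup(zone, name, rtype, counter):
    """Stand-in for a DNS query; counts queries so the cost is visible."""
    counter[0] += 1
    return zone.get((name, rtype), [])

def check(record, ip, domain, zone):
    """Evaluate ip4/a/mx/all left to right. Returns (result, dns_queries)."""
    terms = record.split()
    if terms[0] != "v=spf1":
        return "none", 0
    ip = ipaddress.ip_address(ip)
    queries = [0]
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in terms[1:]:
        qual = term[0] if term[0] in results else "+"
        mech = term.lstrip("+-~?")
        if mech == "all":
            hit = True
        elif mech.startswith("ip4:"):
            hit = ip in ipaddress.ip_network(mech[4:], strict=False)
        elif mech == "a":
            hit = str(ip) in lookup(zone, domain, "A", queries)
        elif mech == "mx":
            hosts = lookup(zone, domain, "MX", queries)
            hit = any(str(ip) in lookup(zone, h, "A", queries) for h in hosts)
        else:
            continue  # mechanisms outside this sketch are skipped
        if hit:
            return results[qual], queries[0]
    return "neutral", queries[0]

IP_ONLY = "v=spf1 ip4:192.0.2.0/24 ip4:198.51.100.0/24 -all"
WITH_MX = "v=spf1 mx -all"

def after_renumbering(zone):
    """Copy of the zone in which mx2 has moved to a new network."""
    moved = dict(zone)
    moved[("mx2.example.org", "A")] = ["203.0.113.77"]
    return moved
```

After the renumbering, the ip4-only record rejects the domain's own mail exchanger until the DNS admin updates it by hand, whereas the `mx` record keeps passing with three queries per check.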


