--Meng Weng Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> wrote:
Now, in the draft's definition of "mx", we can either continue the
broken tradition, or set a new standard.
[...]
Breaking with tradition:
If the <target-name> has no MX records, SPF clients MUST NOT pretend
the target is its single MX, and MUST NOT default to an A lookup on
the <target-name> directly. If such behaviour was intended, the
<target-name> would have specified an "a" declaration instead.
I would totally agree with this. You might insert a sentence to clarify
like "Specifying "mx" in the SPF record when there are no MX records for
the domain should have no effect."
If someone has a domain with A record and no MX, and wants to receive mail,
they should be encouraged to define MX records. Most A records within the
domain define servers or web sites that are not used for email. It looks
like there is no real alternative to specifying SPF records for each A
record, but I can't see an easy way around that. Probably most admins
won't do this until someone actually forges one of the names, but I'm
afraid this will become more common as the top-level domains get protected.
Perhaps over time people will start refusing mail for domains that have no
MX and the grandfather clause will be useless and done with. But this will
take time... Meng's suggestion here is a good balance between
forward-looking and not-too-far-reaching, IMO.
gregc
--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡