spf-discuss
[Top] [All Lists]

Re: DDoS attacks via SPF

2003-12-18 16:15:40
The traffic to/from the DNS server would also be reduced if name servers
send the A, PTR, or MX info in the ADDITIONAL INFO part of the DNS
response.

  Query:
    sender.com IN TXT

  Response:
    Answer: sender.com IN TXT 'v=spf1 +a -all'
    Additional info: sender.com IN A 192.168.0.142

Or

  Response:
    Answer: sender.com IN TXT 'v=spf1 mx -all'
    Additional info: sender.com IN MX  10 mx1.sender.com
                     sender.com IN MX  20 mx2.sender.com
                     mx1.sender.com IN A 192.168.0.142
                     mx2.sender.com IN A 192.168.0.143

DNS servers do this today with MX records, in the fullness of time we'd
expect the same for SPF records.

Cheers!

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)½§Åv¼ð¦ç?2b¥yÈbox(_dot_)com


<Prev in Thread] Current Thread [Next in Thread>