In <20040109071920(_dot_)GA6945(_at_)dumbo(_dot_)pobox(_dot_)com> Meng Weng
Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:
On Thu, Jan 08, 2004 at 06:41:09PM -0500, Meng Weng Wong wrote:
| In an ideal world, you'd only need them for MX entries, but the
| "implicit-MX" rule has been grandfathered for so long that it's still
| possible for a spammer to joe-job your laptop.
|
Hmm. Maybe we can get around this by saying that if a domain has A but
no MX, we can produce an implicit SPF record that is just "v=spf1 a -all".
thoughts?
The best_guess method already does this implicit SPF record. I don't
see the advantage of having an implicit SPF record for strict
interpretations. Did you really mean "v=spf1 a -all" rather than
"v=spf1 -all"?
Many MTAs will already have the ability to do extra checks to make
sure that the domain isn't bogus. If there isn't an SMTP server
running on your laptop, these MTAs can already fairly easily
reject/tempfail the email claiming to be from it.
This is actually something the the DRIP proposal adds. Maybe we
should be promoting its use.
-wayne
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname(_at_)©#�«Mo\¯HÝÜîU;±¤Ö¤Íµø�?¡