--On Sonntag, Februar 08, 2004 03:12:05 -0500 Mark Shewmaker
<mark(_at_)primefactor(_dot_)com> wrote:
[...]
Then the MTA's would no longer need to do a separate DNS query to test
for the existence of the domain in question if spf checking were enabled.
Currently they'll check for the existence of the domain, and then any spf
checks immediately do almost the same dns queries. (Granted, the current
double queries would mostly be cached.)
The double checking would only happen if you configured the MTA to accept
that kind of mail. But in this case changing the SPF semantics would not
help as the MTA still would have checked the domains MX- or A-RRs
beforehand. If you decide to reject this kind of mail SPF would not need to
get called as the MTA already decided to reject without any information
from the SPF checks.
It all depends on how you integrate SPF with the MTA. Introducing a new
return code makes integration a little bit more difficult, maybe we should
just return "unknwon" as no SPF could be done and leave rejection of
unresolvable senders to the MTAs - which already implement these checks.
Ralf
-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.7.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription,
please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡