spf-discuss
[Top] [All Lists]

Re: specification 02.9.7 released

2004-02-08 05:05:18
--On Sonntag, Februar 08, 2004 03:12:05 -0500 Mark Shewmaker <mark(_at_)primefactor(_dot_)com> wrote:
[...]
Then the MTA's would no longer need to do a separate DNS query to test
for the existence of the domain in question if spf checking were enabled.
Currently they'll check for the existence of the domain, and then any spf
checks immediately do almost the same dns queries.  (Granted, the current
double queries would mostly be cached.)

The double checking would only happen if you configured the MTA to accept that kind of mail. But in this case changing the SPF semantics would not help as the MTA still would have checked the domains MX- or A-RRs beforehand. If you decide to reject this kind of mail SPF would not need to get called as the MTA already decided to reject without any information from the SPF checks.

It all depends on how you integrate SPF with the MTA. Introducing a new return code makes integration a little bit more difficult, maybe we should just return "unknwon" as no SPF could be done and leave rejection of unresolvable senders to the MTAs - which already implement these checks.

Ralf

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.7.txt
Wiki: http://spfwiki.infinitepenguins.net/pmwiki.php/SenderPermittedFrom/
To unsubscribe, change your address, or temporarily deactivate your subscription, please go to http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡