On Fri, Feb 13, 2004 at 05:20:55PM -0500, Meng Weng Wong wrote:
I feel a BCP coming on that deprecates the implicit MX rule and
recommends that all envelope sender domains should have an MX record in
addition to an A record. And an SPF record, too, obviously.
If that became the custom, then we wouldn't have to add SPF records for
A-only subdomains.
This would probably be best situated in a more generic BCP that discusses
other issues with forgery, virusses and spam.
You already corrected yourself: An MX record is enough, no need for an A
record to exist as well.
Maybe we could take the existing BCP and update this? Or, if that's the
way it works (I dunno) provide input to the responsible party?
I used to be opposed to the idea of having an MX record as a MUST. Today
I'm not so sure anymore.
So, for starters, what about these (the concept, not the text please):
- A domain being used as a RHS in email MUST have at least one MX record.
This MX record SHOULD return at least two different A records, or there
SHOULD be at least two MX records with different A records.
The practice of the implicit MX record is deprecated. This means a RHS
without an MX record MUST not be used to send nor receive mail.
- The resulting addresses MUST NOT be special-use addresses (RFC3330) [1]
- The resulting addresses MUST have PTR records, and these PTR records
MUST match the host. The following lookups will still work but are
discouraged:
somehost -> a.b.c.d; a.b.c.d -> otherhost; otherhost -> a.b.c.d
The following will NOT result in a valid lookup:
somehost -> a.b.c.d; a.b.c.d -> otherhost; otherhost -> p.q.r.s
cheers,
Alex
[1] http://www.rfc-ignorant.org/rfcs/rfc3330.php
--
begin sig
http://www.googlism.com/index.htm?ism=alex+van+den+bogaerdt&type=1
This message was produced without any <iframe tags