At 10:52 AM 3/30/2004, csm(_at_)Lunar-Linux(_dot_)org wrote:
Okay so that is the second time I have heard this reference to ?all
being useless... as I am really just learning about this would you
mind explaining why? I am not DNS illiterate but I set mine up based on
what the wizard gave me and it definitely recommended using all.
The "?" is the key. You can end your record with ?all -all or ~all (or
+all, but you're not likely to want to!)
These mean:
-all: Anything not listed is unauthorized (fail)
?all: Anything not listed may or may not be authorized (unknown)
~all: Anything not listed is probably not authorized, but there is a chance
it could be. (softfail)
+all: Anything not listed is authorized. (pass)
With a "-all" default, the end-user can reject mail that doesn't really
come from you, but runs the risk that a non-SRS forwarding service might
have passed something along.
With a "?all" default, the end-user cannot reject forged mail, but it *can*
give some positive weight to *verified* mail.
Kelson Vibber
SpeedGate Communications <www.speed.net>