spf-discuss

Re: solving the demon problem: use the zonecut

2004-04-26 21:30:36
On Mon, Apr 26, 2004 at 08:16:33AM -0500, wayne wrote:
> so suppose domain.com publishes SPF.
>
> but workstation.domain.com does not.
>
> right now SPF tells you to publish an SPF record for every single
> subdomain that has either A or MX.  but that's yucky.

I agree, it is very yucky.

--spf(_at_)metro(_dot_)cx wrote:
Which reminds me, and excuse me if this has been discussed before, but
what about CNAMEs?  CNAME records don't coexist well with other types of
records on the same domain.


Actually I think this is pretty straightforward... when looking up the A or MX, the resolver knows to follow the CNAME to the original A or MX. This is where you would put the SPF TXT record as well.

Now... A tricky (possibly thorny) question is when mail is from person(_at_)www(_dot_)alias-domain(_dot_)com and the entry it leads to (www.real-domain.com) doesn't have an SPF, would you seek a higher-level SPF record in the first domain or the second :)

--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
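
The two lookup orders raised in the message above, as an added example that is not part of the original post or of any SPF implementation: the SPF TXT record is read from the name a CNAME chain ends on, and the parent-domain fallback can climb from either the alias or the target. The zone contents, function names and the rule of stopping before the TLD (instead of at a real zone cut) are assumptions for illustration.

```python
# Constructed zone data, not real DNS. Names are from the post; records are made up.
ZONE = {
    "www.alias-domain.com": {"CNAME": "www.real-domain.com"},
    "alias-domain.com": {"TXT": ["v=spf1 mx -all"]},
    "www.real-domain.com": {"A": ["192.0.2.10"]},
    "real-domain.com": {"TXT": ["v=spf1 a -all"]},
    "mail.alias-domain.com": {"CNAME": "mx.real-domain.com"},
    "mx.real-domain.com": {"TXT": ["v=spf1 a -all"]},
}

def canonical_name(name, zone=ZONE, max_hops=8):
    """Follow CNAMEs as a resolver would; return the final owner name."""
    hops = 0
    while "CNAME" in zone.get(name, {}):
        hops += 1
        if hops > max_hops:  # also stops CNAME loops
            raise ValueError("CNAME chain too long or looping at " + name)
        name = zone[name]["CNAME"].rstrip(".").lower()
    return name

def spf_at(name, zone=ZONE):
    """Return the SPF TXT record at the name a CNAME chain ends on, if any."""
    for txt in zone.get(canonical_name(name, zone), {}).get("TXT", []):
        if txt == "v=spf1" or txt.startswith("v=spf1 "):
            return txt
    return None

def parents(name):
    """Yield each parent of name, stopping before the bare TLD (a simplification)."""
    labels = name.split(".")
    for i in range(1, len(labels) - 1):
        yield ".".join(labels[i:])

def lookup(domain, fallback, zone=ZONE):
    """Return (owner, record) for domain, or (None, None).
    fallback='alias' climbs from the name in the mail address;
    fallback='target' climbs from the name its CNAME chain ends on."""
    domain = domain.rstrip(".").lower()
    target = canonical_name(domain, zone)
    record = spf_at(target, zone)
    if record:
        return target, record
    for candidate in parents(domain if fallback == "alias" else target):
        record = spf_at(candidate, zone)
        if record:
            return candidate, record
    return None, None
```

With this data the two fallback choices return different policies for www.alias-domain.com, so which domain's owner controls the result depends on the order chosen.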

