spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

"fallback" domain list

2004-06-08 04:40:53
from [Gary Levell] [Permanent Link] 
The developers guide on http://spf.pobox.com/developers-guide.html indicates 
that a good stragegy would be to have a fallback domain and I was wondering 
if anyone had a list of fallback domains & their "fallback" policy already 
built?

Perhaps another way to tackle this, and to make it easier for updates & central 
admin for the "consensus" fallback domains, would be to have some reputable 
domain 
that the community trusts not to generate malicious policy records (perhaps 
pobox.com)
and have them create a sub-domain for storing the fallback policies.

  yahoo.com.fallback._spf.pobox.com             TXT v=spf1 ptr -all
  -any-.yahoo.com.fallback._spf.pobox.com       TXT v=spf1 ptr:yahoo.com -all
  slow.to.update.co.uk.fallback._spf.pobox.com  TXT v=spf1 ip4:200.200.200.0/24 
-all
  _any_.fallback._spf.pobox.com                 TXT v=spf1 a/24 mx/24 ptr ?all

The -any- least signficiant child domain equates to the wildcard "*" for the 
purposes 
of matching these domains.

To reduce traffic and overhead, these records could be setup with some long TTL 
since the SPF recommendation is to check for the authorised SPF policy in the 
domain 
and only fallback to the other when it fails.

Certainly for our implementation we are probably going to go with this 
technique because
it would allow us to control the fallback domains without having to ship an 
updated control
file to all our customers.

Can anyone see a reason not to do this?

Thanks,
-Gary Levell
www.exclaimer.net 

This message (and any associated files) is intended only for the use of 
spf-discuss(_at_)v2(_dot_)listbox(_dot_)com and may contain information that is 
confidential, subject to copyright or constitutes a trade secret. If you are 
not spf-discuss(_at_)v2(_dot_)listbox(_dot_)com you are hereby notified that 
any dissemination, copying or distribution of this message, or files associated 
with this message, is strictly prohibited. If you have received this message in 
error, please notify us immediately by replying to the message and deleting it 
from your computer. Messages sent to and from us may be monitored. Any views or 
opinions presented are solely those of the author gary(_at_)exclaimer(_dot_)net 
and do not necessarily represent those of the company. 

This disclaimer was added by eXclaimer for Microsoft Exchange 2000, a DCSL 
product. Please visit our web site at www.exclaimer.co.uk for more information.
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Forking SPF into The New SPF and SPF1, Karl Prince
Next by Date:  Re: Forking SPF into The New SPF and SPF1, David Brodbeck
Previous by Thread:  a "never relays" parameter, Daniel Quinlan
Next by Thread:  Re: "fallback" domain list, Meng Weng Wong
Indexes:  [Date] [Thread] [Top] [All Lists]