On Fri, Jun 18, 2004 at 01:19:54PM -0700, william(at)elan.net wrote:
| > Unified SPF asks example.com to publish four SPF
| > records:
| >
| > example.com TXT "v=spf1 a mx -all"
| > www.example.com TXT "v=spf1 a -all"
| > mx10.example.com TXT "v=spf1 a -all"
| > mx11.example.com TXT "v=spf1 a -all"
| Now can you imagine this being wildcard record? I sure can:
| example.com TXT "v=spf1 a mx -all
| *.example.com TXT "v=spf1 a -all
Unfortunately wildcards don't work that way --- the moment a
"node" exists, only the explicitly defined RRtypes are
returned.
So, even though we define *.example.com TXT "...", because
www.example.com has an A record, it will not return a TXT
result.
This is a bit of a wart, but not the end of the world.
| And I would like again to point out that MTAMark-like records do not
| necessarily require to be part of INADDR tree that so many people somehow
| don't like. All that is required is that you check SPF record on the name
| you obtain from PTR lookup. And in most normal mail server setup, this
| actually will not even require additional lookup as domain would be
| same as what you see in HELLO or in Mail-From.
Agreed.