On Fri, Jun 18, 2004 at 10:31:44PM +0100, Karl Prince wrote:
| > Personally, I don't think the above should be necessary. I
| > think that if you get mail from a return-path that has only
| > an A record and neither an MX record nor an SPF record, you
| > should assume that it's not meant to be an MTA. This rule
| > subsumes the MTAMark semantic.
|
| I disagree with your proposed rule above for return-path
| without an MX or SPF, but with A (and matching PTR I assume).
|
| The RFC I can't quote off the top of my head, but I thought
| that a receiving MTA (and therefore sending MTA) could get away
| with just an A record for the Domain (giving a weight of 0), if
| no MX was declared.

That's the "implicit MX rule" which I mean to deprecate.

| More importantly though are bounce messages from domains
| without any SPF, since it may be an outbound-only MTA, i.e. A
| record matching HELO, but no matching MX or SPF.

Bounce messages will have MAIL FROM:<>, so this scenario is
not a concern.

| IMHO for the moment, all A and MX records need to have a SPF
| TXT record to declare the owner's policy for the IP to which
| they refer.

Yes, that is true. Also, unfortunate, because it means that
we need SPF records for everything that has an A record ---
including things like workstation.example.com and
printer.example.com. If we could get rid of the implicit MX
rule, we could save ourselves a lot of work.
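
The rule debated in this message, sketched as an added example that is not part of the original e-mail or of any SPF implementation: it classifies a return-path with and without the implicit MX rule and lists which names then need an SPF record. The zone data, function names and result labels are all constructed for illustration.

```python
# Constructed zone data for illustration; names and addresses are hypothetical.
ZONE = {
    "example.com": {"MX": ["10 mail.example.com"], "A": ["192.0.2.1"],
                    "TXT": ["v=spf1 mx -all"]},
    "mail.example.com": {"A": ["192.0.2.10"]},
    "out.example.com": {"A": ["192.0.2.20"], "TXT": ["v=spf1 a -all"]},
    "workstation.example.com": {"A": ["192.0.2.50"]},
    "printer.example.com": {"A": ["192.0.2.51"]},
}


def has_spf(records):
    """True if any TXT record starts with the SPF version tag."""
    return any(txt.lower().split()[:1] == ["v=spf1"]
               for txt in records.get("TXT", []))


def classify_return_path(mail_from, zone, implicit_mx):
    """Apply the rule to one MAIL FROM value (result labels are made up here)."""
    if mail_from == "":
        return "bounce"  # MAIL FROM:<> has no domain to look up
    records = zone.get(mail_from.rpartition("@")[2].lower(), {})
    if records.get("MX") or has_spf(records):
        return "candidate"  # domain declares mail use; evaluate as usual
    if records.get("A"):
        # A record only: a mail domain solely by virtue of the implicit MX rule
        return "candidate" if implicit_mx else "not-a-mail-domain"
    return "no-such-domain"


def needs_spf_record(zone, implicit_mx):
    """Names usable as a return-path domain that publish no SPF policy."""
    return sorted(
        name for name, records in zone.items()
        if not has_spf(records)
        and (records.get("MX") or (implicit_mx and records.get("A")))
    )


if __name__ == "__main__":
    for implicit_mx in (True, False):
        print("implicit MX honoured:", implicit_mx)
        print("  names needing an SPF record:", needs_spf_record(ZONE, implicit_mx))
        print("  printer:", classify_return_path(
            "user@printer.example.com", ZONE, implicit_mx))
```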