the "implicit MX" rule

the implicit MX rule says: if a given domain name has no MX
records, but you need to send mail to it, you can substitute
its A record.

This rule bugs me, because it means that spammers can forge
MAIL FROM:<workstation.example.com> and I have to put an SPF
record on workstation.example.com to foil that.  I shouldn't
have to.

I propose this rule:

1) given a return-path, if the domain has an MX record, do
   an SPF lookup on the domain.  This is the normal case and
   the behaviour defined in the SPF draft.

2) if the domain does NOT have an MX record,
   but it does have an A record,
   and if the domain does not have an SPF record,
   then assume the default SPF record "v=spf1 a -all".
 
meng

<Prev in Thread]	Current Thread	[Next in Thread>
the "implicit MX" rule, Meng Weng Wong <= Re: the "implicit MX" rule, Frank Ellermann Re: Re: the "implicit MX" rule, Meng Weng Wong Re: the "implicit MX" rule, Frank Ellermann Re: Re: the "implicit MX" rule, Jeffrey Goldberg Re: the "implicit MX" rule, Frank Ellermann Re: Re: the "implicit MX" rule, wayne Re: the, Karl Prince Re: the "implicit MX" rule, Roger Moser Re: the "implicit MX" rule, Meng Weng Wong

Previous by Date:	Re: a grand unified theory of MARID, Tim Meadowcroft
Next by Date:	making the policy decision: leveraging HTTPS, Meng Weng Wong
Previous by Thread:	Jim Lyon's proposed possible extensions, Jonathan Gardner
Next by Thread:	Re: the "implicit MX" rule, Frank Ellermann
Indexes:	[Date] [Thread] [Top] [All Lists]