From: william(at)elan.net
Sent: Monday, July 05, 2004 2:50 AM
<...>
My preference would be to minimize the size of the record and for that I
believe its better to assign each mail identify one letter, such as "m"
for "mail-from", "p" for "ptr", "h" for "hello" and "s" for submiter/pra
This letter (or multiple ones) can be prefixed before spf mechanisms
followed by "+", "-", "~", "?" (one of them required when scoping prefix
is being used). In such a case an increase in size of record is minimum
and not having record present maybe considerd to be either equivalent to
spf-classic "mail-from" identify or possibly equivalent to "all" (or
otherwise we would need special prefix to signify "all", like say "*").
In such a case an example I asked for could be represented as:
mydomain.com "v=spf1 h+ip4:192.168.1.0/24 m+ip4:192.168.0.0/16 -all"
And an example of record for two identifies is for example:
mydomain.com "v=spf1 sm+ip4:192.168.16.0/19 ph+ip4:192.168.20.0/24 -all"
What do you think?
Nice idea, William! I support this general scheme, as the number of lookups
to resolve an SPF record is already getting pretty large. Since the
language is very compact, adding a few more characters to the SPF record is
far preferable to requiring more DNS queries. While I find the above
acceptable, it could be more human friendly if we either avoided
single-letter abbreviations or delimited them better. Here are two
examples.
Enclosing the scope parameters inside parentheses:
v=spf1 (sm)+ip4:192.168.16.0/19 (ph)+ip4:192.168.20.0/24 -all
Separating multiple scope parameters by commas:
v=spf1 (s,m)+ip4:192.168.16.0/19 (p,h)+ip4:192.168.20.0/24 -all
--
Seth Goodman