spf-discuss

Why TXT zone record location for SPF and Sender ID data are domain default ( @ TXT "data") ?

2004-07-08 08:47:58
Hi all,

I've a possibly lame question.

While reading 5.3 Step 2 in the June 23 senderid.pdf from Microsoft and 2.1 in
spf-draft-200406.txt I've found that both SPF and Sender-ID will query for
the domain default TXT record.

Why do both SPF and Sender-ID use the same TXT record data, rather than
separate spf or sender-id TXT records?
This makes SPF and Sender-ID non-compatible and may cause versioning problems
in the future and a traffic increase.

IMHO, I would like to add this zone data for my 24.odessa.ua domain:
spf.24.odessa.ua. IN TXT "v=spf1 a mx ~all"
Instead of current
24.odessa.ua. IN TXT "v=spf1 a mx ~all"

As well, for Sender-ID, use a separately named TXT record, not the default
domain one.

This change is trivial to implement - while you are searching for TXT
data - add the spf/sender-id prefix to the name you search.

Benefits from such a change:
1. Possibly reduced traffic for already established TXT records which are
not SPF.
Effect - currently low, as TXT records are not actively used actually, but this
may change in the future.

2. Future versions like ESPF (Enhanced SPF or SPFv2) can add other
record names like "espf" or "spf2" and receive results relevant to the version
expected.
Effect - high. Current standards do not give the DNS server any information on
the SPF version supported by the caller. Adding a prefix like spf or spf2 will
give the server such information and the answer can be different - only SPF v1
records or only SPF v2 or both SPF v1 and SPF v2. See traffic benefits - once
spf2 is developed - it will increase traffic for the domain default TXT record
or anyway use a separate TXT record name.

3. The default domain TXT record is free for use by other applications which
will be unable to use separate TXT records (I do not know any reasons
currently) and will require the default domain TXT record.

4. Usage of SPF clients will be easy to track/audit. Once you see
requests for the "spf" TXT record - you will know that the client needs it for
SPF.
Currently you are not aware of the reasons why your domain default TXT
record is requested. Paranoid admins will be happy to know this reason.

Tradeoff:
1. A few additional bytes in the DNS query and response that reduce the maximum
TXT record size by 3 or 4 characters.
We can live with this - because joe AT superserverhosting.com and joe AT
www.com will anyway have different DNS response limitations because of
domain name length.

2. We must never query for the domain default TXT record. This way we lose
compatibility with all SPF records and software already developed.
We can live with this - because SPF is currently at an early stage of
development and this kind of compatibility burden is currently low - but it's
increasing every day.

P.S. I do not see any technical problems. Only political - "the default domain
spam block TXT record must be ours".
I'm really sorry if I've missed any technical problems. Correct me if I'm
wrong.

--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua
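
The two lookup schemes compared in the message above, as an added example that is not part of the original post: it derives the apex and prefixed query names, filters an apex TXT RRset by version tag, and classifies TXT queries in a log by whether they can be attributed to SPF. The simplified log format, the sample lines, the TXT strings and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample: simplified query-log lines, not taken from a real server.
SAMPLE_LOG = """\
client 192.0.2.10#40112: query: 24.odessa.ua IN TXT +
client 192.0.2.11#40113: query: spf.24.odessa.ua IN TXT +
client 198.51.100.7#5301: query: 24.odessa.ua IN MX +
client 198.51.100.9#5302: query: SPF.24.odessa.ua. IN TXT +
client 203.0.113.4#1234: query: www.24.odessa.ua IN TXT +
"""

# Constructed apex TXT RRset: one SPF policy mixed with unrelated TXT data.
APEX_TXT = ["site contact: hostmaster", "v=spf1 a mx ~all", "v=spf10 bogus"]

QUERY_RE = re.compile(r"query:\s+(\S+)\s+IN\s+(\S+)")


def lookup_name(domain, prefix=None):
    """Name to query: the apex (current drafts) or prefix.domain (the proposal)."""
    domain = domain.rstrip(".").lower()
    return f"{prefix}.{domain}" if prefix else domain


def select_spf(txt_rrset):
    """Apex lookup: every TXT string comes back, so the client filters by version tag."""
    return [t for t in txt_rrset if t == "v=spf1" or t.startswith("v=spf1 ")]


def classify_txt_queries(log_text, domain, prefix="spf"):
    """Count TXT queries as attributable to SPF, ambiguous apex, or other names."""
    apex = lookup_name(domain)
    prefixed = lookup_name(domain, prefix)
    counts = Counter()
    for line in log_text.splitlines():
        m = QUERY_RE.search(line)
        if not m or m.group(2).upper() != "TXT":
            continue  # only TXT lookups matter for this audit
        qname = m.group(1).rstrip(".").lower()  # DNS names compare case-insensitively
        if qname == prefixed:
            counts["spf"] += 1
        elif qname == apex:
            counts["apex_unknown_purpose"] += 1
        else:
            counts["other"] += 1
    return dict(counts)


if __name__ == "__main__":
    print(select_spf(APEX_TXT))
    print(classify_txt_queries(SAMPLE_LOG, "24.odessa.ua"))
```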