spf-discuss

Re: Why TXT zone record location for SPF and Sender ID data are domain default ( @ TXT "data") ?

2004-07-09 12:13:28

----- Original Message ----- 
From: "Ralf Doeblitz" <list+spf-discuss(_at_)doeblitz(_dot_)net>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Friday, July 09, 2004 7:31 PM
Subject: Re: [spf-discuss] Why TXT zone record location for SPF and Sender
ID data are domain default ( @ TXT "data") ?


--On Donnerstag, Juli 08, 2004 20:19:15 +0300 "Andrew G. Tereschenko"
<spf-discuss(_at_)spam(_dot_)24(_dot_)odessa(_dot_)ua> wrote:
[...]
Real solution somewhere in the middle - it's unlikely a user will have an "spf"
TXT record.

Meng hosts the website for SPF on spf.pobox.com. That host needs an SPF
record to signal how this name may be used for email. You cannot
reuse legal hostnames for meta-purposes.

Ralf Döblitz

Just for the record - I do not ask you to use an A or CNAME record.
I wish only the TXT record to be used for spf.pobox.com.

This way Meng's DNS is:
spf.pobox.com. IN A 208.58.1.195
spf.pobox.com. IN TXT "v=spf1 a mx -all"

And answers on:
nslookup -q=txt spf.pobox.com
and
nslookup -q=a spf.pobox.com
are valid.


But now let's go to my site.
I use a _mandatory_ RP record for my domain name (without RP it will not be
served by the public ns2.trifle.net)

nslookup -q=rp 24.odessa.ua
24.odessa.ua
        RP mailbox = rp.spam.24.odessa.ua
        text location = text.24.odessa.ua

As well
nslookup -q=txt text.24.odessa.ua
text.24.odessa.ua
        text = "Andrew G. Tereschenko"

So? If I need to prevent e-mail address forgery like
spammer(_at_)text(_dot_)24(_dot_)odessa(_dot_)ua, do I need to add SPF TXT
data in addition to my name?
Or even if I do not add SPF, my current TXT record will be
queried many times and I will not know why?
Okay, I understand that only names that have A and CNAME records must have SPF. But
what if I decide to create a text.24.odessa.ua site for my weblog? Will I
have to change the TXT record name in my RP? Not good - as any DNS changes
(in contrast to additions) need a tricky and long "change DNS value" TTL
game.

This is clearly a reuse of a valid name for a meta-purpose, not the example you have
provided.
An spf name prefix + TXT type will have much reduced chances of conflict
compared to an unprefixed domain name TXT record.
There is much less chance that somebody will have the same spf.<anyname> TXT record
compared to the 100% conflicting <anyname> TXT.

As Roger Moser found - there are no problems with wildcards.
If you currently use the
* IN TXT "v=spf1 a mx -all"
record to answer all unprefixed names, the same record will answer prefixed
names.
But prefixed names will allow creating a new version of DNS software that answers
only on records
spf.* IN TXT "v=spf1 a mx -all".
Complete backward compatibility while allowing benefits from future
developments.

I'm strongly against the unprefixed TXT record.
To date nobody has provided me technical reasons why the specification must use
the current behavior
(other than compatibility with current software and the negligible 4-byte
increase in DNS request/response I've noted).

If you wish to discuss this outside of this list - feel free to contact me
using IM -
ICQ: 220220, MSN: tag_aka_day AT hotmail.com, AOL: TagOdessaUa
or by mailing me directly.
A discussion summary will be posted back to the mailing list so the community will
benefit.

Looking forward to specification changes,
--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua
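
Added example, not part of the original post: a TXT lookup at an unprefixed name returns every TXT record stored there, so an SPF checker has to pick the policy out of unrelated text such as the RP text record shown in the message. The sketch below does that selection by the "v=spf1" version tag, following the record-selection rule later standardized in RFC 7208; the zone data is constructed and the names under .example are hypothetical.

```python
# Constructed sample data: TXT RRsets keyed by owner name. Each record is a
# list of character-strings, which is how TXT rdata is carried in DNS.
ZONE_TXT = {
    "spf.pobox.com.": [["v=spf1 a mx -all"]],
    # The RP "text location" record from the message: TXT, but not SPF.
    "text.24.odessa.ua.": [["Andrew G. Tereschenko"]],
    # Hypothetical name carrying both free text and a policy split in two strings.
    "shared.example.": [["Andrew G. Tereschenko"], ["v=spf1 a mx ", "-all"]],
    # Hypothetical misconfiguration: two SPF policies at one name.
    "dup.example.": [["v=spf1 -all"], ["v=spf1 a -all"]],
}


def is_spf(record_text):
    """True when the record starts with exactly 'v=spf1' followed by a space or the end."""
    lowered = record_text.lower()
    return lowered == "v=spf1" or lowered.startswith("v=spf1 ")


def select_spf(owner, zone=ZONE_TXT):
    """Return (result, policy) for the TXT RRset at owner.

    result is 'found', 'none' (no SPF policy among the TXT records) or
    'permerror' (more than one SPF policy, which a checker must not guess between).
    """
    rrset = zone.get(owner, [])
    # Multiple character-strings in one record are joined with no separator.
    texts = ["".join(strings) for strings in rrset]
    candidates = [t for t in texts if is_spf(t)]
    if not candidates:
        return ("none", None)
    if len(candidates) > 1:
        return ("permerror", None)
    return ("found", candidates[0])


if __name__ == "__main__":
    for name in ZONE_TXT:
        print(name, select_spf(name))
```

The text.24.odessa.ua case is the one the message worries about: the checker still fetches the record, finds no version tag, and treats the name as having no policy.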

