On Sun, Jul 11, 2004 at 12:44:41AM +0300, Andrew G. Tereschenko wrote:
BTW, Current DNS software (a few vendors I've checked, or even specs) does
not support this
www IN A 1.2.3.4
* IN TXT "v=spf1 a mx -all"
TXT query for "www" will return not-found. While TXT query for "spammer"
will return valid "no-go from forged address" answer.
But this make no sence as "spammer" has no valid A/MX/CNAME records anyway
and can be checked without using SPF.
One more argument on using subdomains for SPF records and modifing DNS
servers sofware to support "spfv1.* IN TXT" wildcards.
I believe this is part of the rfc. Once you create a leaf such as www IN
A something, wildcard records will not match anymore. One has to create
TXT for each leaf node, but usually this can be a simple redirect to one
TXT record or something like that.
You are right that , if egreetings wishes to prevent spammers from
misusing their www.egreetings.com domain, they'll have to set up a TXT
record for www....
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/
-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Send us money! http://spf.pobox.com/donations.html
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
pgp81dpWBkP6U.pgp
Description: PGP signature