----- Original Message -----
From: "Chris Drake" <christopher(_at_)pobox(_dot_)com>
To: <spf-discuss(_at_)v2(_dot_)listbox(_dot_)com>
Sent: Sunday, July 11, 2004 5:30 PM
Subject: Re[2]: [spf-discuss] Greeting Card sites catching on
AGT> Even more - creating TXT records for each name in DNS is lame :o((
AGT> Need a work-around.
Why is this lame? You only really need SPF on your MTA's domain(s)
If you've gone an set up loads of MX servers for all you other
domains, you may as well set up the SPF TXT records as well anyhow?
Not only MX.
But A, AAAA and CNAME probably too.
All thouse records are valid to indentify MTA - but in reality only a few
people actualy use anything other that MX.
Do SPF restict all "pass" email addresses to have valid MX ?
If yep - so why the we need "+mx" directive ?
I do not see any reason to block emails comming from limited number of IPs
that listed as MX for domain.
Probably "+mx" was added becouse we would like to avoid useless MX record
lookups.
If we will see "spf1 +a:10.10.10.0/24 -all" for some domain we must not
bother to check if MX realy exists or nope.
Requesting and caching useless records around world can cause a lot of
problems for admins if they need to update them.
--
Andriy G. Tereshchenko
TAG Software
Odessa, Ukraine
http://www.24.odessa.ua