spf-discuss
[Top] [All Lists]

Inherited SPF Record - Proposal

2004-08-05 15:28:00
I apologize if this rehashes anything, but I don't recall this specifically 
being addressed in the past (but my memory isn't as good as it used to be....)

Is there a drawback to the original proposal wherein if the domain in question 
does not have an SPF record, the DNS tree is traversed up to ancestors?  When a 
parent is found with an SPF record, that parent SPF record can specify that it 
DOES apply to subdomains, but the default behavior would be that it DOES NOT 
apply to subdomains.

It seems to me like this would cover both camps (1-too many records vs 2-don't 
create situations for subdomain users), and keep in mind that the 'goal' is to 
SPF-protect the maximum number of emails.

Marc Alaia

From: Meng Weng Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com>
Date: 2004/08/05 Thu AM 09:36:53 EDT
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] inherited SPF record

perhaps when the game has progressed a little further we can
solve the many-subdomains problem in one of the following
ways:

1)      example.com TXT .... subdomains=_sub.%{d}
   _sub.example.com TXT v=spf1 a -all

   If a domain has no SPF record, move up the tree in search
   of a record which has a subdomains modifier.

2) update the rfc to describe a default best-guess.  in
   other words, if a domain exists and has a or mx records
   but no spf record, assume its spf record is a/24 mx/24
   ptr.

3) change the dns rfcs to say that the implicit mx rule is
   deprecated.
   that means that an email address of the form a(_at_)b(_dot_)com must
   require b.com to have an mx record to be valid.

Other solutions are possible.

A good solution is one that maps well to the problem.

(A good program is one that maps well to the solution.)

We should pick the solution that corresponds best to the
principle of least astonishment.  I think #3 might work.

-------
Sender Policy Framework: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
http://www.InboxEvent.com/?s=d --- Inbox Event Nov 17-19 in Atlanta features 
SPF and Sender ID.
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com



<Prev in Thread] Current Thread [Next in Thread>
  • Inherited SPF Record - Proposal, marc <=