David Brodbeck wrote:
On Thu, 5 Aug 2004 17:02:40 +0200, Koen Martens wrote
Non-existent domains are quite effectively protected with a wildcard
domain:
* IN TXT "v=spf -all"
or something like that
Also, many (most?) MTAs already block mail from domains that don't
exist.
Although some of us can't. Running a large customer service mail server, for
example, where people in the field have hostnames *that haven't propagated
through DNS yet to the receiver's mail server* means the mail will be at
least deferred, if not actually blocked.
DNS changes are simply not instantaneous, especially when sent around the
world or when the recipient may have the data cached. Even the "PTR must
match A record" test is vulnerable to local caching and to DNS zone timeouts
that may differ between the forward and reverse DNS, and may not be in sync
anyway.