On Wed, Sep 08, 2004 at 08:33:12PM -0400, Meng Weng Wong wrote:
On Wed, Sep 08, 2004 at 07:01:02PM -0400, guy wrote:
|
| >From what I have read, I should give each host a spf record!
| This does not seem reasonable for large sites. For me it is ok.
| But if this is true, it seems likely most people don't know to do it.
| If I am correct, this needs to be in the spec, or if it is, it needs to be
| in the spec twice! Or made very clear.
Yeah, there are four classes of solutions, really.
1) deprecate "implicit mx"
My favourite, but unfortunatelly rather hard to do I think. I'd like to get
some stats on this, is the domain list James et al were compiling still around?
How feasible is it you think to deprecate this?
2) modify spec to allow searching up the tree, as Wayne has
proposed in the past
My least favourite, but seems to be rather popular. Does allow for a clean
solution, if the details are worked out.
3) put an SPF record on each host
This is the most pragmatic and easily implemented, since it requires no change
of the specs and doesn't require deprecating something that is in an rfc.
However, it is cumbersome it does clutter your zonefile.
4) encourage the world to assume "a/24 mx/24 ptr -all" for
non-publishing domains
Doesn't this give a lot of extra dns-queries that couls be avoided?
All in all, we should maybe think about option 2 again, it ssems to be the best
solution.
Koen
--
K.F.J. Martens, Sonologic, http://www.sonologic.nl/
Networking, embedded systems, unix expertise, artificial intelligence.
Public PGP key: http://www.metro.cx/pubkey-gmc.asc
Wondering about the funny attachment your mail program
can't read? Visit http://www.openpgp.org/