Greg Hewgill wrote:
On Wed, Oct 06, 2004 at 01:25:08PM +1000, Raymond Neeves wrote:
HELO au01.mta.mycompany.myisp.au.com
where in this fqdn do i stop checking for SPF records?
You could walk up the DNS tree looking for SOA records. If mycompany
runs their own DNS, the first match might be an SOA for
mycompany.myisp.au.com. Otherwise, continue to remove names from the
left hand side until an SOA record is found.
Oh? That is quite a new interpretation. In my understanding of SPF, in the
above case, an SPF lookup should ONLY be done on
"au01.mta.mycompany.myisp.au.com". Certainly no traversing "up" the tree, to
try and find other SPF records. The SPF record for "somebody.example.com"
may be entirely different from "example.com" itself, or even be totally
absent. And that is intentional.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx