Meng Weng Wong wrote:
Use of both IP-based and crypto-based schemes can be
described by SPF:
v=spf1 a mx dk -all
I would put the policy for DomainKeys etc. in separate TXT (later SPF)
records at the domain:
TXT "v=spf1 a mx -all"
TXT "v=dk1 dk=all"
(Both records are returned in the same UPD packet.)
An SPF-only MTA would process only the "v=spf1" record.
A DK-only MTA would process only the "v=dk1" record.
An MTA doing SPF+DK would first process the "v=spf1" record and write the
result in the Received-SPF header. Then it would process the "v=dk1" record
and decide accordingly.
Roger