On Mon, Nov 29, 2004 at 02:25:15PM -0500, Stuart D. Gathman wrote:
On Mon, 29 Nov 2004 administrator(_at_)yellowhead(_dot_)com wrote:
I was simply trying to reiterate how dangerous it is to use PTR records for
verifying email sources, and I apologize to those that might think it
off-topic.
It is not off-topic. And the PTR mechanism of SPF should be used only
as a last resort.
The rejection shown as an example had nothing to do with the ptr mechanism.
It was postfix's reject_unknown_hostname or something similar.
I myself have had mail rejected by SPF because
the ISP screwed up their PTR records. (And it took 6 months to get
them to fix it.) As a result, I avoid using the PTR mechanism in SPF
if at all possible.
According to voices on this list there are more reasons to avoid the
ptr mechanism.
Also, DNS problems of any kind can disrupt email services. I guess
PTR, nor the ptr mechanism, is unique in this.
And even without DNS it is possible to setup SPF: "v=spf1 ip4:10.11.12.13 -all"
cheers,
Alex
--
You want an answer? You'd better follow the following guidelines!
Linesize well below 80 chars. Reply to the list, not to me. Trim
irrelevant lines. Reply _below_ the relevant lines, not on top.