-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of M Z R
Sent: dinsdag 14 december 2004 10:17
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: Re: [spf-discuss] numeric MX record and SPF
On Mon, 13 Dec 2004 17:45:54 -0500 (EST), Stuart D. Gathman
<stuart(_at_)bmsi(_dot_)com> wrote:
The MX records for expofreight.com are as follows:
$ host -t mx expofreight.com
expofreight.com mail is handled by 30 dmss2.webindia.com.
expofreight.com mail is handled by 10 61.16.173.99.
Isn't this a violation of RFC 1035?
Yes.
Shouldn't SPF check on this MX record result in NXDOMAIN?
No. NXDOMAIN (RCODE 3) would be the result if there were no A or MX
records for expofreight.com at all; there are, however:
asarian-host: {root} % dig expofreight.com mx
; <<>> DiG 8.4 <<>> expofreight.com mx
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40294
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; expofreight.com, type = MX, class = IN
;; ANSWER SECTION:
expofreight.com. 5M IN MX 10 61.16.173.99.
expofreight.com. 5M IN MX 15 dmssdummy2.webindia.com.
expofreight.com. 5M IN MX 20 dmss.webindia.com.
expofreight.com. 5M IN MX 30 dmss2.webindia.com.
SPF should not do a lookup on "61.16.173.99" and then return NXDOMAIN, but
should simply not do a lookup on it at all (treat as if absent from the
list). And, consequently, if all MX records were numeric, treat the case
as if there were no (valid) MX records at all. NXDOMAIN should only be
returned, in an SPF lookup, if, say, dmssdummy2.webindia.com did not exist
(as defined in RFC 1035 4.1.1).
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx