-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com] On Behalf Of
Stephane Bortzmeyer
Sent: dinsdag 14 december 2004 13:59
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Re: numeric MX record and SPF
On Tue, Dec 14, 2004 at 12:51:11PM +0000,
Mark <admin(_at_)asarian-host(_dot_)net> wrote
a message of 42 lines which said:
I can see the overhead. Would you return NXDOMAIN, though?
SPF never return NXDOMAIN. DNS resolvers do.
You don't say. SPF makes decisions based on DNS lookup, though.
5.4 "mx"
This mechanism matches if <ip> is one of the MX hosts for a domain
name.
MX = "mx" [ ":" domain-spec ] [ dual-cidr-length ]
check_host() first performs an MX lookup on the <target-name>. Then
it performs an address lookup on each MX name returned. The <ip> is
compared to each returned IP address. If any address matches, the
mechanism matches.
.... on *each* MX name returned. If multiple MX records exist, a match may
yet occur. But on a single, numeric one, the Lentczner draft would return
"PermError" (because of RCODE 3). Which is undesireable, IMHO.
- Mark
System Administrator Asarian-host.org
---
"If you were supposed to understand it,
we wouldn't call it code." - FedEx