spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Zonecuts specified in SPF draft

2005-01-13 08:54:00
from [Roger Moser] [Permanent Link] 
If no matching records are returned for the <domain;>, the SPF client
MUST find the Zone Cut as defined in [RFC2181] section 6 and repeat
the above steps.  The <domain>'s zone origin is then searched for SPF
records.  If an SPF record is found at the zone origin, the <domain>
is set to the zone origin as if a "redirect" modifier was executed.


I no longer find this a good idea without having a "match_subdomains=yes"
modifier as specified in spf-draft-200406. The reason is following example:

hostpoint.ch.           TXT     "v=spf1 mx ?all"
hostpoint.ch.           MX      1 mail.hostpoint.ch.
mail.hostpoint.ch.      A       217.26.48.126
server16.hostpoint.ch.  A       217.26.52.26

MAIL FROM:<xyz(_at_)server16(_dot_)hostpoint(_dot_)ch>

server16.hostpoint.ch has no SPF record and the SPF record at hostpoint.ch
(zone cut) does not authorize 217.26.52.26 (=server16.hostpoint.ch) to send
mail.

Roger
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Received: lines in a bounce, Stephane Bortzmeyer
Next by Date:  Re: Zonecuts specified in SPF draft, Alex van den Bogaerdt
Previous by Thread:  Re: SPF I-D for review: draft-schlitt-spf-classic-00.txt (fwd), william(at)elan.net
Next by Thread:  Re: Zonecuts specified in SPF draft, Alex van den Bogaerdt
Indexes:  [Date] [Thread] [Top] [All Lists]