spf-discuss

Re: Modifications to SPF for Mask function

2005-03-27 12:46:09
Scott Kitterman wrote:
The reason is technical: the DNS reply packet has a limited amount of payload capacity. This may be very small, in the case of numerous authoritative records. Combined with the load sharing features of (most) DNS server software, it would mean that if the amount of TXT data found for a host name exceeds the UDP packet size, the DNS software may do load-balancing, and omit one of the TXT records, at random.

You can see how this hurts both SPF1 and SenderID equally, and this is counter productive.


This exact point was extensively discussed on MXCOMP and a rough consensus on the current approach was reached. Even if the entire archive is too much to swallow (I understand), reviewing that discussion might be fruitful.

I'll try to find it and understand the decision.

It does, however, cause Sender ID to have to ALWAYS look two places instead of one for TXT records. I doubt they would regard this as an efficiency.

It wouldn't... the backwards compatible way I suggested is:

Query domain.com
If it contains SPF1,
    Query _pra.domain.com
else
    Quit


Yes, it does look like 2 queries. But assuming that the system implementing PRA also implements SPF, the result of the domain.com query costs nothing, as the result is already in the local DNS cache.

This also affords the SPF/PRA compilers the opportunity to put both records in the domain.com space if they are small enough, and in that case, 1 query finds both.

So really it is only 1 expensive query, and one cheap/free query if the records are big.

Radu
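To make the query-counting argument in the message concrete, here is an added example (not code from the list or from any SPF implementation) that simulates a caching resolver and walks the backwards-compatible lookup order described above: query the domain, and only if it carries an SPF1 record go on to query `_pra.<domain>`. The zone contents, the `Resolver` class and the `extra_queries_for_pra` helper are all constructed for this illustration; the 512-byte figure is the classic DNS-over-UDP payload limit without EDNS0 and is used only to show when a set of TXT strings risks exceeding it.

```python
"""Simulated lookup of SPF1 and PRA records with a query cache.

Added example, not part of the original message. The zone data, the
Resolver class and the helper names are assumptions made for illustration.
"""
from dataclasses import dataclass, field

UDP_PAYLOAD_LIMIT = 512  # classic DNS/UDP reply limit without EDNS0

# Constructed sample zone: owner name -> list of TXT strings.
ZONE = {
    # Records split across the domain and the _pra subdomain.
    "example.com": ["v=spf1 mx -all"],
    "_pra.example.com": ["spf2.0/pra mx -all"],
    # Both records small enough to live at the domain itself.
    "small.example": ["v=spf1 mx -all", "spf2.0/pra mx -all"],
    # No SPF1 record at all: the PRA lookup must stop here.
    "nospf.example": ["some unrelated txt"],
}


@dataclass
class Resolver:
    """Minimal stand-in for a caching stub resolver."""
    zone: dict
    cache: dict = field(default_factory=dict)
    network_queries: int = 0

    def txt(self, name):
        """Return the TXT strings for `name`, counting only cache misses."""
        if name in self.cache:
            return self.cache[name]
        self.network_queries += 1
        records = self.zone.get(name, [])
        self.cache[name] = records
        return records


def find_record(records, prefix):
    """Return the first TXT string starting with `prefix`, or None."""
    for record in records:
        if record.startswith(prefix):
            return record
    return None


def lookup(resolver, domain):
    """Backwards-compatible order from the message:
    query the domain; if it has SPF1, look for PRA there and then at
    _pra.<domain>; otherwise quit. Returns (spf1, pra)."""
    base = resolver.txt(domain)
    spf1 = find_record(base, "v=spf1")
    if spf1 is None:
        return None, None  # "else Quit"
    pra = find_record(base, "spf2.0/pra")  # both records at the domain?
    if pra is None:
        pra = find_record(resolver.txt("_pra." + domain), "spf2.0/pra")
    return spf1, pra


def extra_queries_for_pra(zone, domain):
    """Network queries PRA adds once an SPF1 check has already run
    (so the domain's TXT answer is already in the cache)."""
    resolver = Resolver(zone)
    resolver.txt(domain)  # the SPF1 check already fetched this
    before = resolver.network_queries
    lookup(resolver, domain)
    return resolver.network_queries - before


def txt_payload_bytes(records):
    """Approximate RDATA size: each <character-string> is a length byte
    plus its data. Header, owner names and other RRs are ignored."""
    return sum(1 + len(record.encode()) for record in records)


def fits_in_udp(records):
    """True when the TXT strings alone stay under the UDP reply limit."""
    return txt_payload_bytes(records) <= UDP_PAYLOAD_LIMIT


if __name__ == "__main__":
    for name in ZONE:
        if name.startswith("_pra."):
            continue
        resolver = Resolver(ZONE)
        result = lookup(resolver, name)
        print(name, result, "queries:", resolver.network_queries,
              "extra for PRA after SPF1:", extra_queries_for_pra(ZONE, name))
    print("fits in UDP:", fits_in_udp(ZONE["small.example"]))
```

Running the script shows the three cases the message distinguishes: the split layout costs one extra query for PRA once SPF1 has already filled the cache, the single-owner layout costs none, and a domain with no SPF1 record stops after the first answer.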