...... Original Message .......
On Sun, 27 Mar 2005 14:46:09 -0500 Radu Hociung <radu(_at_)ohmi(_dot_)org>
wrote:
Scott Kitterman wrote:
The reason is technical: the DNS reply packet has a limited amount of
payload capacity. This may be very small, in the case of numerous
authoritative records. Combined with the load sharing features of (most)
DNS server software, it would mean that if the ammount of TXT data found
for a host name exceeds the UDP packet size, the DNS software may do
load-balancing, and omit one of th TXT records, at random.
You can see how this hurts both SPF1 and SenderID equally, and this is
counter productive.
This exact point was extensively discussed on MXCOMP and a rough
consensus
on the current approach was reached. Even if the entire archive is to
much
to swallow (I understand), reviewing that discussion might be fruitful.
I'll try to find it and understand the decision.
It does, however, cause Sender ID to have to ALWAYS look two places
instead
of one for TXT records. I doubt they would regard this as an effiency.
It wouldn't... the backwards compatible way I suggested is:
Query domain.com
If it contains SPF1,
Query _pra.domain.com
else
Quit
Yes, it does look like 2 queries. But assuming that the system
implementing PRA also implements SPF, the result of the domain.com query
costs nothing, as the result is already in the local DNS cache.
Why do you make the assumption that anyone who checks PRA will also check
SPF?
OK. Your example proves my point. If MS were to move their SPF2.0/
records (I assume you would want SPF2.0/mfrom records to move too) then
there would always be an additional DNS query required. Whether you count
it 0 to 1 or 1 to 2, it's still one more.
BTW, in your proposal, where do you suggest SPF2.0/mfrom records be put?
This also affords the SPF/PRA compilers the opportunity to put both
records in the domain.com space if they are small enough, and in that
case, 1 query finds both.
So really it is only 1 expensive query, and one cheap/free query if the
records are big.
So what you propose is that the SPF2.0/pra record only move if it's big?
How would a receiver know if the lack of a SPF2.0/pra record at example.com
was because there was no SPF2.0/pra record or because it was a big record
located at _pra.example.com? Wouldn't they have to do a TXT query at
_pra.example.com to find out?
Scott Kitterman