Dave,
At 11:32 AM 3/30/2005, you wrote:
At 11:02 AM 3/30/2005 -0500, Todd wrote:
On Tue, 29 Mar 2005, at 16:12, David MacQuigg wrote:
>
.. snip ..
One thing I'm not clear on is whether an address like
CPE-69-76-120-59.wi.res.rr.com can be SPF-blocked at the res.rr.com level,
or whether you need to have SPF records for all the subdomains below
that. I wish I knew more about DNS.
I think the short answer is yes. Another question to consider might be how
best to implement such a solution.
I can think of two ways:
1) Have a TXT record set up for each zone A entry (Ugly without automation
and makes for bigger zone files).
2) Use DNS wildcard capability and point the TXT record on wildcard sub
zones back to
a common entry. For example:
$ORIGIN sub1.suba.domain.tld.
* 86400 IN A nnn.nnn.nnn.nnn
* 86400 IN TXT "v=spf1 redirect=_spf.suba.domain.tld"
would point all entries under sub1.suba.domain.tld back to the suba SPF
rules TXT at _spf.suba.domain.tld
Depending upon the environment, one would probably make more sense than the
other. Using DNS wildcard tends to require a bit more management.
Another question is whether there might be "cross-pollution" between the
different biz.rr.com subdomains. Ideally, each should have its own
reputation to gain or lose, but there may be a problem with how many names
a reputation service is willing to keep track of. If they just provide
one rating for all of biz.rr.com, then one spammer.biz.rr.com could ruin
the whole group. You might want to say any business that wants to operate
its own public mail server should do like joesgarage.com and get their own
name. Then you can SPF-block the entire biz.rr.com subdomain, and be done
with it.
Not sure this would be a problem, think about some of the international
country TLDs that break out domains into tertiary and further zone splits.
-- Dave
************************************************************ *
* David MacQuigg, PhD email: dmquigg-spf at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *
Best,
Alan Maitland
WebMaster(_at_)Commerco(_dot_)Net
The Commerce Company - Making Commerce Simple(sm)
http://WWW.Commerco.Com/