On Thu, 31 Mar 2005, test only wrote:
In other words, once the IP is authorized by SPF, you have a reduced need
to perform additional SPF lookup when the same client connects. A time
expiration cached can be used to determine when a refresh check should be
done.
This might be translated to a SPF directive where the policy exposes a
refresh time. However, that would need to be secured with a server overide
refresh time because you don't want a client saying "This record is good for
X months!"
There is no need for this in SPF record (and it would be violation of
layers too since caching is for protocols). DNS has very strong caching
architecture with features that include refresh time, etc. Since SPF is
using dns, there is no need to add "refresh time" to the record, what you
need is to have SPF client use local caching dns servers and have SPF
record entered with different refresh then domain zone.
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net