spf-discuss

Re: Shared MTA policy implementation idea

2005-05-16 13:09:42
On Mon, 16 May 2005, william(at)elan.net wrote:

On Mon, 16 May 2005, Stuart D. Gathman wrote:

On Mon, 16 May 2005, Stuart D. Gathman wrote:

Suppose an SMTP service has domain 'service.com' and a client
logs in to SMTP AUTH as 'curly' and gives a MAIL FROM of 
'moe(_at_)example(_dot_)com'.
The service then looks for a DNS A record at:

   moe._using_.paul._at_.service.com._smtpauth_.example.com

As you're targeting it to SUBMIT service, they should already have ways
of determining valid domains from invalid or can just directly do SPF
query on incoming email.

You missed the point.  SPF is guaranteed to fail.  That is why
they are using SMTP AUTH!

    *=moe._using_.paul._at_.service.com._smtpauth_.example.com
    ; not legal bind syntax - means match any name ending with '=moe'.

The above is not possible with any dns server (and not just bind) as
wildcard support is very specific to not delegated subdomains and not
something like *record.

That is why the note says "not legal bind syntax".  It is a representation
of the effect of the mentioned "custom DNS server" (a beast that is
also very useful with the exists mechanism in SPF).

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.
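
An added example, not part of the original message or of any SPF implementation: a sketch of how a submission service could build the lookup name described in the thread and fail closed on inputs that would shift the label boundaries. It assumes that the existence of the A record means the sender domain authorises that login, uses the login 'paul' as in the record shown, and replaces the DNS query with a constructed set of names; the function names and the allowed-character set are hypothetical.

```python
import re

MAX_LABEL = 63    # RFC 1035: maximum octets in one DNS label
MAX_NAME = 253    # RFC 1035: maximum length of a name in text form

# Conservative character set chosen for this example (assumption, not from the thread).
# A dot is excluded on purpose: it would split the value into extra labels.
_SAFE_LABEL = re.compile(r"^[A-Za-z0-9_=+-]+$")


def smtpauth_query_name(auth_user, service_domain, mail_from):
    """Build <local>._using_.<login>._at_.<service>._smtpauth_.<sender domain>."""
    local, sep, sender_domain = mail_from.rpartition("@")
    if not sep or not local or not sender_domain:
        raise ValueError("MAIL FROM must look like local@domain")
    # The local part and the login each become exactly one label, so the
    # policy record consulted cannot be changed by embedding separators.
    for value in (local, auth_user):
        if len(value) > MAX_LABEL or not _SAFE_LABEL.match(value):
            raise ValueError("value cannot be used as a single DNS label")
    name = ".".join([
        local, "_using_", auth_user, "_at_",
        service_domain.rstrip("."), "_smtpauth_", sender_domain.rstrip("."),
    ]).lower()  # DNS matching is case-insensitive
    labels = name.split(".")
    if len(name) > MAX_NAME or any(not l or len(l) > MAX_LABEL for l in labels):
        raise ValueError("resulting name is not a valid DNS name")
    return name


def sender_authorized(auth_user, service_domain, mail_from, published_names):
    """published_names stands in for 'an A record exists at this name'."""
    try:
        name = smtpauth_query_name(auth_user, service_domain, mail_from)
    except ValueError:
        return False  # fail closed: no lookup is made for malformed input
    return name in published_names


if __name__ == "__main__":
    # Constructed zone content for the sender domain example.com
    zone = {"moe._using_.paul._at_.service.com._smtpauth_.example.com"}
    print(sender_authorized("paul", "service.com", "moe@example.com", zone))
    print(sender_authorized("curly", "service.com", "moe@example.com", zone))
```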