Bill,
At 06:35 PM 5/20/2005, you wrote:
Commerco WebMaster wrote:
[...]
While the above is how we tend to implement here, I am fairly sure that
the spec is a bit more flexible, in that the redirect could be pointed
outside one's domain zone, however, I don't immediately see cases where
that should be done.
[...]
The other case I can think of is when a domain publisher has a local SMTP
MTA they wish to authorize for their domain (their local SPF record
covers this), and also uses their upline ISP's server as a "smarthost" or
fail over server (their include covers this through their ISP's SPF record).
Actually, I do this now for hosted domains on a single MTA. I publish one
SPF record on the server's domain and then redirect to that domain from
all the hosted ones. For me, this also keeps the relationship clear
regarding who owns the actual permission to send from that MTA, rather
than distribute that amongst all the hosted domain SPF records.
Bill
Interesting. May I ask why you chose redirect as opposed to include for
the above scenario?
From reading the specs and discussions on this list, I concluded that
going include instead of redirect for cross domain records would make for a
more natural implementation for your scenario above (which is also very
similar to our own environment). In our case, the central mail domain hubs
for other domains in our network rather than for any third party domains
using our mail servers (which we don't and won't do).
If I am understanding properly, as a domain holder, a customer in your
network might wish to use a primary and backup MTA which could be on two
domain networks (possibly both operated by your company). Thus, in your
environment, I would think that include would allow more flexibility for
your customers.
As always, I reserve the right to be completely wrong and to learn from my
errors.
Best,
Alan Maitland
WebMaster(_at_)Commerco(_dot_)Net
The Commerce Company - Making Commerce Simple(sm)
http://WWW.Commerco.Com/