spf-discuss

RE: Updating SPF type99 and TXT RR's: Simultaneity is not guaranteed.

2005-08-10 05:09:56
-----Original Message-----
From: Mark Shewmaker [mailto:mark(_at_)primefactor(_dot_)com]
Sent: Wednesday, August 10, 2005 2:00 AM
To: spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
Subject: [spf-discuss] Updating SPF type99 and TXT RR's: Simultaneity is
not guaranteed.

snip
(As a side note, there's another related, but far less serious issue:
If a domain publishes identical txt and spf rr's which include: a domain
that only publishes an SPF-type99 record, then recipients who check
TXT-only will return permerrors, while recipients who check either both
types or even just type99 will have no problems.)

Yes, but checking only one type isn't compliant with the current draft.  In
this case if include:domain TXT returns nothing, then include:domain SPF
should be checked.

A far more serious case is the real one that Stuart posted about earlier:

http://www.gossamer-threads.com/lists/spf/discuss/22901

 Consider the domain szco.com
$ host -t txt szco.com
;; no records
$ host -t type99 szco.com
;; connection timed out; no servers could be reached

Obviously, the DNS for szco.com is braindead. However, this is an
important customer of my client, and they are unlikely to fix their DNS
server in the next 10 years. So I have to work around the braindamage
someway. What do people think about this tweak to checking for both TXT
and SPF:


check for TXT record
if no TXT SPF record:
    try:
        check for type99 SPF record
    except DNSTimeout:
        pretend there were no type99 SPF records either

Scott K
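
The lookup order discussed in this message (TXT first, type99 only when TXT yields no SPF record, and a type99 timeout treated as "no record"), written out as an added Python example that is not part of the original post or of any SPF implementation. The resolver, the zone data other than the szco.com behaviour shown above, and the names lookup_spf, TempError and PermError are assumptions made for illustration; so is the choice to report a TXT timeout as a temporary error.

```python
# Added example: TXT-first SPF lookup with the type99-timeout workaround.
class DNSTimeout(Exception):
    """Raised by the resolver when no server answers in time."""

class TempError(Exception):
    """Lookup could not be completed; the check should be retried later."""

class PermError(Exception):
    """The domain's published SPF data is unusable."""

# Constructed sample data: (name, rrtype) -> strings, or DNSTimeout to simulate one.
SAMPLE_ZONE = {
    ("szco.com", "TXT"): [],                      # ";; no records"
    ("szco.com", "SPF"): DNSTimeout,              # type99 query times out
    ("type99only.example", "TXT"): ["unrelated text"],
    ("type99only.example", "SPF"): ["v=spf1 mx -all"],
    ("both.example", "TXT"): ["v=spf1 a -all"],
    ("both.example", "SPF"): ["v=spf1 a -all"],
    ("dead.example", "TXT"): DNSTimeout,          # even TXT gets no answer
}

def sample_resolver(name, rrtype):
    answer = SAMPLE_ZONE.get((name, rrtype), [])
    if answer is DNSTimeout:
        raise DNSTimeout(f"{rrtype} query for {name} timed out")
    return answer

def spf_strings(rrset):
    """Keep only strings that are SPF version 1 records."""
    return [s for s in rrset
            if s.lower() == "v=spf1" or s.lower().startswith("v=spf1 ")]

def lookup_spf(domain, resolve=sample_resolver):
    """Return the domain's SPF record string, or None if it publishes none."""
    try:
        records = spf_strings(resolve(domain, "TXT"))
    except DNSTimeout as exc:
        raise TempError(str(exc)) from exc   # assumption: TXT timeout is not masked
    if not records:
        try:
            records = spf_strings(resolve(domain, "SPF"))   # type99
        except DNSTimeout:
            records = []                     # the tweak: pretend there is no type99
    if len(records) > 1:
        raise PermError(f"{domain} publishes {len(records)} SPF records")
    return records[0] if records else None
```

With this policy szco.com is handled as a domain with no SPF record, while a domain that publishes only type99 is still found.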