Florian Weimer wrote:
<http://www.enyo.de/fw/software/exim/spf-update.html>
Thanks, that's very interesting and clear, after I checked
172800 / 3600 = 48. I'm not immediately sure that it's the
_fastest_ way to update an indirectly referenced A, but it
certainly demonstrates _one_ way and explains all problems.
Your recommendations:
| If a zone publishes records of both SPF (type 99) and TXT
| type, the SPF record overrides the relevant TXT records.
| No longer signal PermError if their contents does not match.
Didn't make it because alleged "DNS gurus" wanted a PermError.
As far as I'm concerned "use whatever you get first, in doubt
SPF before TXT" is okay.
| PermError must only be signaled for syntax errors.
Maybe we need two kinds of PermError, plain syntax errors or
a missing include / redirect. Or two kinds of TempError.
Simply moving the "missing include / redirect" problems to
TempError is dubious, because this is not necessarily "only"
a temporary problem.
Your third point indicates that you'd prefer to treat these
issues as TempErrors. Let's say that they need their own
(third) class of error.
| Consider abolishing SoftFail.
We did. I bothered Wayne with it until he invented a real
story (= greylisting) how "SoftFail" could be useful. It's
a historical oddity. I refuse to defend it, but when I look
for something to attack I hate "exp" (plus related macros)
more than "SoftFail".
Typo in your memo: s/two/too/ (5th two). Bye, Frank