spf-discuss
[Top] [All Lists]

Re: Updating SPF type99 and TXT RR's: Simultaneity is not guaranteed.

2005-08-11 08:29:39
Florian Weimer wrote:

  <http://www.enyo.de/fw/software/exim/spf-update.html>

Thanks, that's very interesting and clear, after I checked
172800 / 3600 = 48.  I'm not immediately sure that it's the
_fastest_ way to update an indirectly referenced A, but it
certainly demonstrates _one_ way and explains all problems.

Your recommendations:

| If a zone publishes records of both SPF (type 99) and TXT
| type, the SPF record overrides the relevant TXT records.
| No longer signal PermError if their contents does not match.

Didn't make it because alleged "DNS gurus" wanted a PermError.
As far as I'm concerned "use whatever you get first, in doubt
SPF before TXT" is okay.

| PermError must only be signaled for syntax errors.

Maybe we need two kinds of PermError, plain syntax errors or
a missing include / redirect.  Or two kinds of TempError.

Simply moving the "missing include / redirect" problems to
TempError is dubious, because this is not necessarily "only"
a temporary problem.

Your third point indicates that you'd prefer to treat these
issues as TempErrors.  Let's say that they need their own
(third) class of error.

| Consider abolishing SoftFail.

We did.  I bothered Wayne with it until he invented a real
story (= greylisting) how "SoftFail" could be useful.  It's
a historical oddity.  I refuse to defend it, but when I look
for something to attack I hate "exp" (plus related macros)
more than "SoftFail".

Typo in your memo: s/two/too/ (5th two).  Bye, Frank



<Prev in Thread] Current Thread [Next in Thread>