* Scott Kitterman:
Yes. I do not, however, see any need to remove both type SPF and type TXT.
Even with the current rules, deleting one record type should be sufficient.

I agree, anything contrary to that is an error in the web page. (But
I can't find such a claim at the moment.)

I agree that something needs to change here. Even if the receiver does
sequential lookups and only looks at the second RR type if they don't find a
record at the first, there is trouble.
There is EVEN trouble for domains that know nothing about SPF. Stuart had
an excellent example of this a few days ago:
http://www.gossamer-threads.com/lists/spf/discuss/22901?#22901

But this seems to be mostly an implementation problem.

Consider the domain szco.com
$ host -t txt szco.com
;; no records
$ host -t type99 szco.com
;; connection timed out; no servers could be reached
Technically this is a TempError and I suppose that's true for a sufficiently
long definition of temporary (after they upgrade their DNS infrastructure
and/or firewall).

Due to its distributed nature and optimistic replication strategy, you
can't tell on the spot if DNS errors are temporary or permanent. (If
you flag this as a PermError, you run into the PermError/SoftFail/Fail
and bounce trap, which is unlikely to get fixed.)
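
An added example, not part of the original message: a small model of the lookup strategies discussed above, comparing what a receiver concludes when the type 99 query times out. It assumes, as the thread does, that a timed-out query yields TempError and that finding no record yields None; the strategy names and both zones are constructed, and no DNS traffic is sent.

```python
from enum import Enum

class Dns(Enum):
    """Outcome of a single DNS query in this constructed model."""
    RECORD = 1   # answer carries an SPF policy
    NODATA = 2   # query answered, no records of that type
    TIMEOUT = 3  # no server could be reached

def check(zone, order):
    """Query RR types in `order`; move to the next type only on NODATA."""
    for rrtype in order:
        outcome = zone[rrtype]
        if outcome is Dns.TIMEOUT:
            return "TempError"            # a DNS error ends the check
        if outcome is Dns.RECORD:
            return "policy:" + rrtype     # evaluate the record found
    return "None"                         # domain publishes no policy

# Hypothetical strategy names; "SPF" stands for RR type 99.
STRATEGIES = {
    "spf_then_txt": ("SPF", "TXT"),
    "txt_then_spf": ("TXT", "SPF"),
    "txt_only": ("TXT",),
}

# Constructed zones. NO_SPF mirrors the szco.com output quoted above:
# the TXT query returns no records, the type99 query times out.
NO_SPF = {"TXT": Dns.NODATA, "SPF": Dns.TIMEOUT}
# A domain that publishes TXT only, behind the same kind of broken server.
TXT_ONLY_PUBLISHER = {"TXT": Dns.RECORD, "SPF": Dns.TIMEOUT}

def compare(zone):
    """Result of every strategy for one zone."""
    return {name: check(zone, order) for name, order in STRATEGIES.items()}

if __name__ == "__main__":
    for label, zone in (("no SPF", NO_SPF), ("TXT only", TXT_ONLY_PUBLISHER)):
        print(label, compare(zone))
```

In this model the domain with no SPF policy ends in TempError under both sequential orders, because the fall-through on an empty TXT answer still reaches the type 99 query that times out.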