-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Wayne wrote:
Meng, and others, have widely recommend using a default SPF record of
"v=spf1 a/24 mx/24 ptr ?all". I haven't heard too many objections to
it.
Perhaps that's because it isn't actually widely used. In particular, it
generates "Pass" results which cannot (and should not) be trusted.
The whole idea of applying a default SPF record to policy-less domains
runs contrary to the concept of domain owners explicitly granting
"Pass"es for machines that they want to be trusted. Perhaps "v=spf1
?a/24 ?mx/24 ?ptr ~all", but then that isn't of much use anymore.
If a domain has no policy, then there's no point in pretending there was
one. Policy information by definition cannot be extrapolated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFDC519wL7PKlBZWjsRAm3LAJ9E+QDLi+C4TnHwROC7pUi/g4/N2QCgu69k
My2dcIZaXv4EQumvhORfXm4=
=2Cvc
-----END PGP SIGNATURE-----