-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stuart D. Gathman wrote:
Based on frequent permerrors, I've determined that people expect
the base domain of relative names to be the domain of the SPF
record, For instance, if they publish
example.com IN SPF "v=spf1 a:mail -all"
what they meant was:
example.com IN SPF "v=spf1 a:mail.example.com -all"
We might consider that for SPF2.1 - except it is of limited usefullness
since it is only unambiguous when there is no dot at all.
Actually, in the tradition of DNS, we might even go as far as to require
FQDNs to end in a dot, and declare anything else relative to %{d}. Of
course a good "Changes from SPFv1" document, and perhaps a record upgrade
tool, would then be required to make the transition of old records
painless.
Or this could be a very bad idea. Not sure yet.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
iD8DBQFEagiHwL7PKlBZWjsRAqvpAJ9SEA5WeSe4VVNfKLMtiE5PtnE9rwCg6/rb
K2qybWdBeppF9HN/6KQpZv4=
=yHXZ
-----END PGP SIGNATURE-----
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com