In <20070110161119(_dot_)GJ5768(_at_)ergens(_dot_)op(_dot_)het(_dot_)net> Alex
van den Bogaerdt <alex(_at_)ergens(_dot_)op(_dot_)het(_dot_)net> writes:
So the set of SPF type RR is not empty, but does not contain "v=spf1",
does not say anything?
Those records could be SPFv3 records or something. Or malformed
garbage returned by broken name servers that do bad things with
"unknown" record types. Or, whatever.
I thought the loophole was included for those environments that could
not (yet) publish the SPF type RR, not for those that choose not to.
Section 3.1.1. says that you SHOULD publish records with both TXT and
type99. RFC2119 says:
3. SHOULD This word, or the adjective "RECOMMENDED", mean that there
may exist valid reasons in particular circumstances to ignore a
particular item, but the full implications must be understood and
carefully weighed before choosing a different course.
No where does it say what qualifies as a "valid reason", and in
practice "SHOULD" has little more weight than "OPTIONAL". The
implications that must be "carefully weighed" is that if a domain
owners chooses to only publish TXT records, that there exists the
possiblity that there are SPF implementations out there that only
check type99 records and that their records may not be seen.
Likewise, an SPF implementation that only checks one record type, may
miss records of domains that only publish the other record time.
As for valid reasons to not publish type99 records, that could easily
be "my master zone name server software can't deal with type99, even
though my secondary zones can deal with it and answer with no records
when queried"
As for valid reasons to not check type99 records, that could easily be
"too many nameservers timeout when queried" and "too few type99
records are published and it isn't worth the bandwidth and nameserver
caching utilization"
While writing/rewriting various parts of RFC4408, I did choose between
"MAY", "OPTIONAL", "SHOULD" and "RECOMMENDED" in order to give
slightly different emphasis in the hopes that people would do the
appropriate thing, even though there really is very little technical
differences between these for words. For example, I think that saying
"you SHOULD publish records with both [types]" sounds stronger than
"it is RECOMMENDED that you publish records with both types", even
though they are techically *exactly* the same.
-wayne
-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your
subscription,
please go to http://v2.listbox.com/member/?list_id=735