spf-discuss
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [spf-discuss] Include tag for hosted services

2007-01-16 15:58:46
from [Stuart D. Gathman] [Permanent Link] 
On Tue, 16 Jan 2007, Rasmus Mencke wrote:


"include=hostedService.com" - the problem I am seeing with Enterprise
customers is that they do not want to include our SPF record they prefer to
include the specific IP addresses. This will cause issues if we add another
IP to our mail service and would have to communicate with all our customers
each time, not really ideal.


The obvious simple solution is to use blahblah(_at_)hostedService(_dot_)com as 
the MAIL
FROM, but your customers don't want that because *their* customers won't
know about the relationship.

The next most simple solution is to have your Enterprise customer allocate
a subdomain for your outgoing email service.  For instance, enterprise.com
could create:

newsletter.enterprise.com       IN NS ns1.hostedService.com.
newsletter.enterprise.com       IN NS ns2.hostedService.com.

And then you can make whatever SPF record floats your boat under the
newsletter.enterprise.com domain.  The MAIL FROM would be
blahblah(_at_)newsletter(_dot_)enterprise(_dot_)com, which clearly establishes 
the email as
authorized by enterprise.com.


My question is:

   - Are there any plans/ideas on how to manage SPFrecords that you
   include, e.g. accept changes (adding IP's)
   - Notification if an included domain makes changes?


There is already support for this in the SPF and DNS protocol.
Instead of using include:, just fetch the SPF record for 
hostedService.com and compile to a set of IP addresses with a TTL.
The libspf2 C library can already do this.  (And I want to add such
a feature to pyspf.)  Then, you can include the IP set in your own 
SPF record, being sure to repeat the process before the TTL expires.


   - How would I as an email administrator know that some random
   server/IP has been added to the include SPF record?
   - How would I know if the include domain, includes another domain to
   their record?


Doesn't matter.

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flammis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to http://v2.listbox.com/member/?list_id=735
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [spf-discuss] Re: Erratum <explanation>, Alex van den Bogaerdt
Next by Date:  Re: [spf-discuss] Re: Erratum <explanation>, Stuart D. Gathman
Previous by Thread:  [spf-discuss] Include tag for hosted services, Rasmus Mencke
Next by Thread:  Re: [spf-discuss] Include tag for hosted services, Alex van den Bogaerdt
Indexes:  [Date] [Thread] [Top] [All Lists]