Given the issue discovered in DNS last year, which essentially
required suppliers of DNS server software to address and update
their software, one would think that any serious DNS operators would
have migrated to the new fixed DNS server versions. One would also
think that suppliers of DNS servers would also have added support
for SPF RR as a valid and accepted RR type in current DNS software
per the RFCs governing standards for DNS in their current releases.
Thus on most all DNS servers, one might conclude that there should
already be direct support the SPF RR.
What's with this "one might" and "one would" high-falutin'? Just do
some research (if you're not afraid to find out you're wrong).
As of Oct 2008, post-Kaminsky, the Measurement Factory survey reported
that under 7% of authoritative servers were running a version of BIND
that supports Type 99 (9.4+).
Approximately 15% more use djb/My/Simple/Power, which at least support
Type 99 in their latest versions (versions for these are not given).
26% of servers are totally unclassified. Given earlier survey results,
I believe there to be at least another 1-3% of MS DNS in there (the
classifiable servers are < 1% MS DNS), and none of those support Type
99.
Anyway, add in half of the unclassified BINDs, plus half of the
totally unknown servers, and even at this surely inflated level,
you're talking about 45% SPF RR support. That isn't "most all DNS
servers" (whatever that means). It's almost "most".
http://dns.measurement-factory.com/surveys/200810.html
I would not argue with your wishful thinking, but that's not what we
should deal with here.
--Sandy
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com