just a quick reply to my own reply to my own reply
re the whole v=spf3 stuff
several have commented with all the v1 and v2 records in place and now a v3 on
top
will add too much byteweight to the response to a query for UDP to handle
efficiently {or at all in some cases}
this is a serious issue {was my problem with spf originally as it broke my
standard of adding txt and rp records to most hosts
{now just rp pointing to a txt container}
so should we be considering a standard sub-zone for spf going forward?
no its simpler to fix than that
just recommend anyone doing more than 1 form of spf and/or sender-id remembers
about the issue and divides his records(s) appropriately
like thus
domain.tld IN SPF "v=spf1 redirect=_spf1.%{o}"
domain.tld IN SPF "v=spf3 redirect=_spf3.%{o}"
domain.tld IN TXT "v=spf1 redirect=_spf1.%{o}"
domain.tld IN TXT "spf2.0/mfrom,pra redirect=_spf2.%{o}"
domain.tld IN TXT "v=spf3 redirect=_spf3.%{o}"
thus delegating/controlling his own sub-zone delegation and one initial lookup
gives all that a client needs to determine highest supported version to further
query
thus well under the byte weight issue well into later versions if people still
want to cater for all backwards compatibility
but honestly think to kill sender-id we need to do the Microsoft thing and
embrace-extend-extinguish
so include it in the spec with
v=spf3 == v=spf3/mfrom,helo,pra
but those not wanting to touch sender id then just publish
v=spf3/mfrom,helo
thus killing any pra checks with no record found
or
v=spf3/mfrom,helo "traditional spf record"
v=spf3/pra +all
saying loud you want to positively pass pra checks from any source
or if like me you are pedantic and would like to keep all roles separate
v=spf3/mfrom "traditional spf record"
v=spf3/helo -all {helo as my top level domain I think
not!}
v=spf3/pra +all {not drinking the sender-id cool-aid
thanks}
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com